The create_user_ns function in kernel/user_namespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 3.8.2 | 3.8.2 |
Linux_kernel | Linux | 3.8.0 | 3.8.0 |
Linux_kernel | Linux | * | 3.8.5 |
Linux_kernel | Linux | 3.8.1 | 3.8.1 |
Linux_kernel | Linux | 3.8.3 | 3.8.3 |
Linux_kernel | Linux | 3.8.4 | 3.8.4 |