CVE-2013-1957

The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	*	3.8.5 (including)
Linux_kernel	Linux	3.8.0 (including)	3.8.0 (including)
Linux_kernel	Linux	3.8.1 (including)	3.8.1 (including)
Linux_kernel	Linux	3.8.2 (including)	3.8.2 (including)
Linux_kernel	Linux	3.8.3 (including)	3.8.3 (including)
Linux_kernel	Linux	3.8.4 (including)	3.8.4 (including)
Linux	Ubuntu	upstream	*
Linux-armadaxp	Ubuntu	upstream	*
Linux-ec2	Ubuntu	upstream	*
Linux-fsl-imx51	Ubuntu	lucid	*
Linux-fsl-imx51	Ubuntu	upstream	*
Linux-linaro-omap	Ubuntu	devel	*
Linux-linaro-omap	Ubuntu	oneiric	*
Linux-linaro-omap	Ubuntu	precise	*
Linux-linaro-omap	Ubuntu	quantal	*
Linux-linaro-omap	Ubuntu	upstream	*
Linux-linaro-shared	Ubuntu	devel	*
Linux-linaro-shared	Ubuntu	oneiric	*
Linux-linaro-shared	Ubuntu	precise	*
Linux-linaro-shared	Ubuntu	quantal	*
Linux-linaro-shared	Ubuntu	upstream	*
Linux-linaro-vexpress	Ubuntu	devel	*
Linux-linaro-vexpress	Ubuntu	oneiric	*
Linux-linaro-vexpress	Ubuntu	precise	*
Linux-linaro-vexpress	Ubuntu	quantal	*
Linux-linaro-vexpress	Ubuntu	upstream	*
Linux-lts-backport-maverick	Ubuntu	lucid	*
Linux-lts-backport-maverick	Ubuntu	upstream	*
Linux-lts-backport-oneiric	Ubuntu	upstream	*
Linux-lts-quantal	Ubuntu	upstream	*
Linux-mvl-dove	Ubuntu	lucid	*
Linux-mvl-dove	Ubuntu	upstream	*
Linux-qcm-msm	Ubuntu	devel	*
Linux-qcm-msm	Ubuntu	lucid	*
Linux-qcm-msm	Ubuntu	oneiric	*
Linux-qcm-msm	Ubuntu	precise	*
Linux-qcm-msm	Ubuntu	quantal	*
Linux-qcm-msm	Ubuntu	upstream	*
Linux-ti-omap4	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-1957
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References