CVE Vulnerabilities

CVE-2014-5206

Improper Privilege Management

Published: Aug 18, 2014 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a mount -o remount command within a user namespace.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 3.13 *
Linux_kernel Linux 3.15 *
Linux_kernel Linux 3.11 *
Linux_kernel Linux 3.8 *

Potential Mitigations

References