Vulnerability Description
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 3.16.1 |
| Canonical | Ubuntu Linux | 12.04 |
Related Weaknesses (CWE)
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://osvdb.org/show/osvdb/110055Broken Link
- http://packetstormsecurity.com/files/128595/Linux-Kernel-3.16.1-FUSE-Privilege-EExploitThird Party AdvisoryVDB Entry
- http://seclists.org/oss-sec/2014/q3/352Mailing ListThird Party Advisory
- http://www.exploit-db.com/exploits/34923ExploitThird Party AdvisoryVDB Entry
- http://www.openwall.com/lists/oss-security/2014/08/13/4Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/69216Third Party AdvisoryVDB Entry
- http://www.ubuntu.com/usn/USN-2317-1Third Party Advisory
- http://www.ubuntu.com/usn/USN-2318-1Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1129662Issue TrackingPatchThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95266Third Party AdvisoryVDB Entry
- https://github.com/torvalds/linux/commit/9566d6742852c527bf5af38af5cbb878dad7570PatchThird Party Advisory
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://osvdb.org/show/osvdb/110055Broken Link
- http://packetstormsecurity.com/files/128595/Linux-Kernel-3.16.1-FUSE-Privilege-EExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2014-5207?
CVE-2014-5207 is a vulnerability with a CVSS score of 6.2 (MEDIUM). fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows l...
How severe is CVE-2014-5207?
CVE-2014-5207 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-5207?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux.