CVE-2014-8989

Vulnerability Description

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.ht
• http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.ht
• http://thread.gmane.org/gmane.linux.man/7385/Exploit
• http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
• http://www.openwall.com/lists/oss-security/2014/11/20/4
• http://www.securityfocus.com/bid/71154
• http://www.ubuntu.com/usn/USN-2515-1
• http://www.ubuntu.com/usn/USN-2516-1
• http://www.ubuntu.com/usn/USN-2517-1
• http://www.ubuntu.com/usn/USN-2518-1
• http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.ht
• http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.ht
• http://thread.gmane.org/gmane.linux.man/7385/Exploit
• http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
• http://www.openwall.com/lists/oss-security/2014/11/20/4