← Zuruck zu CVEs
CVE-2014-7975
MEDIUM5.5
Beschreibung
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.
CVE Details
CVSS v3.1 Bewertung5.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/13/2014
Zuletzt geandert4/12/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
canonical:ubuntu_linuxlinux:linux_kernel
Referenzen
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5(cve@mitre.org)
http://secunia.com/advisories/60174(cve@mitre.org)
http://secunia.com/advisories/61145(cve@mitre.org)
http://secunia.com/advisories/62633(cve@mitre.org)
http://secunia.com/advisories/62634(cve@mitre.org)
http://thread.gmane.org/gmane.linux.kernel.stable/109312(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2014/10/08/22(cve@mitre.org)
http://www.securityfocus.com/bid/70314(cve@mitre.org)
http://www.securitytracker.com/id/1031180(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2415-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2416-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2417-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2418-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2419-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2420-1(cve@mitre.org)
http://www.ubuntu.com/usn/USN-2421-1(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2017:1842(cve@mitre.org)
https://access.redhat.com/errata/RHSA-2017:2077(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=1151108(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96994(cve@mitre.org)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60174(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/61145(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62633(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62634(af854a3a-2127-422b-91ae-364da2661108)
http://thread.gmane.org/gmane.linux.kernel.stable/109312(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2014/10/08/22(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/70314(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1031180(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2415-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2416-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2417-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2418-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2419-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2420-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2421-1(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:1842(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:2077(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1151108(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96994(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.