PT-2014-8349 · Linux+5 · Linux Kernel+5

Publicado

2014-10-13

Atualizado

2020-08-14

CVE-2014-7975

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 3.17

Description The issue allows local users to cause a denial of service, specifically a loss of writability, by manipulating certain system calls and flags. This is due to the do umount function not requiring the CAP SYS ADMIN capability for specific do remount sb calls that change the root filesystem to read-only.

Recommendations For Linux kernel versions through 3.17, as a temporary workaround, consider restricting the use of the do umount function until a patch is available. Additionally, limiting the ability to make certain unshare system calls and clearing the / MNT LOCKED flag can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2014-2297

ALT-PU-2015-1794

CESA-2017_1842

CVE-2014-7975

MGASA-2014-0451

MGASA-2014-0452

MGASA-2014-0453

MGASA-2014-0454

MGASA-2014-0455

MGASA-2014-0456

MGASA-2014-0459

MGASA-2014-0479

OPENSUSE-SU-2014_1677-1

RHSA-2017:1842

RHSA-2017:2077

RHSA-2017_1842

RHSA-2017_2077

USN-2415-1

USN-2416-1

USN-2417-1

USN-2418-1

USN-2419-1

USN-2420-1

USN-2421-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2014-8349 · Linux+5 · Linux Kernel+5

CVE-2014-7975

Identificadores relacionados

Produtos afetados

Referências · 705