Published: 18/08/2014 Updated: 07/11/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 642

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The do_remount function in fs/namespace.c in the Linux kernel up to and including 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 12.04
canonical ubuntu linux 14.04

Several security issues were fixed in the kernel ...

fs/namespacec in the Linux kernel through 3161 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesyst ...

CWE-269 https://github.com/torvalds/linux/commit/a6138db815df5ee542d848318e5dae681590fccd http://www.openwall.com/lists/oss-security/2014/08/13/4 https://bugzilla.redhat.com/show_bug.cgi?id=1129662 http://www.ubuntu.com/usn/USN-2317-1 http://www.ubuntu.com/usn/USN-2318-1 http://www.securityfocus.com/bid/69214 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6138db815df5ee542d848318e5dae681590fccd https://nvd.nist.gov https://usn.ubuntu.com/2317-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-5206

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect