CVE-2014-8989

Published: 30/11/2014 Updated: 03/01/2017
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The Linux kernel up to and including 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c.

Vulnerable Product

linux linux kernel 3.0

linux linux kernel 3.0.1

linux linux kernel 3.0.10

linux linux kernel 3.0.18

linux linux kernel 3.0.11

linux linux kernel 3.0.12

linux linux kernel 3.0.13

linux linux kernel 3.0.2

linux linux kernel 3.0.20

linux linux kernel 3.0.27

linux linux kernel 3.0.28

linux linux kernel 3.0.35

linux linux kernel 3.0.36

linux linux kernel 3.0.42

linux linux kernel 3.0.43

linux linux kernel 3.0.5

linux linux kernel 3.0.50

linux linux kernel 3.0.58

linux linux kernel 3.0.59

linux linux kernel 3.0.65

linux linux kernel 3.0.66

linux linux kernel 3.1

linux linux kernel 3.1.5

linux linux kernel 3.0.16

linux linux kernel 3.0.17

linux linux kernel 3.0.23

linux linux kernel 3.0.24

linux linux kernel 3.0.30

linux linux kernel 3.0.31

linux linux kernel 3.0.39

linux linux kernel 3.0.4

linux linux kernel 3.0.46

linux linux kernel 3.0.47

linux linux kernel 3.0.53

linux linux kernel 3.0.54

linux linux kernel 3.0.61

linux linux kernel 3.0.62

linux linux kernel 3.0.7

linux linux kernel 3.0.8

linux linux kernel 3.1.1

linux linux kernel 3.1.10

linux linux kernel 3.1.2

linux linux kernel 3.1.9

linux linux kernel 3.10

linux linux kernel 3.10.13

linux linux kernel 3.10.14

linux linux kernel 3.10.20

linux linux kernel 3.10.21

linux linux kernel 3.10.28

linux linux kernel 3.10.29

linux linux kernel 3.10.6

linux linux kernel 3.11.1

linux linux kernel 3.11.10

linux linux kernel 3.11.8

linux linux kernel 3.11.9

linux linux kernel 3.12.14

linux linux kernel 3.12.15

linux linux kernel 3.12.7

linux linux kernel 3.12.8

linux linux kernel 3.13.3

linux linux kernel 3.13.4

linux linux kernel 3.14

linux linux kernel 3.14.2

linux linux kernel 3.14.3

linux linux kernel 3.15.4

linux linux kernel 3.15.5

linux linux kernel 3.17.2

linux linux kernel 3.0.14

linux linux kernel 3.0.15

linux linux kernel 3.0.21

linux linux kernel 3.0.22

linux linux kernel 3.0.29

linux linux kernel 3.0.3

linux linux kernel 3.0.37

linux linux kernel 3.0.38

linux linux kernel 3.0.44

linux linux kernel 3.0.45

linux linux kernel 3.0.51

linux linux kernel 3.0.52

linux linux kernel 3.0.6

linux linux kernel 3.0.60

linux linux kernel 3.0.67

linux linux kernel 3.0.68

linux linux kernel 3.1.7

linux linux kernel 3.1.8

linux linux kernel 3.10.11

linux linux kernel 3.10.12

linux linux kernel 3.10.19

linux linux kernel 3.10.2

linux linux kernel 3.10.26

linux linux kernel 3.10.27

linux linux kernel 3.10.5

linux linux kernel 3.10.9

linux linux kernel 3.11

linux linux kernel 3.11.6

linux linux kernel 3.11.7

linux linux kernel 3.12.12

linux linux kernel 3.12.13

linux linux kernel 3.12.5

linux linux kernel 3.0.19

linux linux kernel 3.0.25

linux linux kernel 3.0.26

linux linux kernel 3.0.32

linux linux kernel 3.0.33

linux linux kernel 3.0.34

linux linux kernel 3.0.40

linux linux kernel 3.0.41

linux linux kernel 3.0.48

linux linux kernel 3.0.49

linux linux kernel 3.0.55

linux linux kernel 3.0.56

linux linux kernel 3.0.57

linux linux kernel 3.0.63

linux linux kernel 3.0.64

linux linux kernel 3.0.9

linux linux kernel 3.1.3

linux linux kernel 3.1.4

linux linux kernel 3.10.0

linux linux kernel 3.10.1

linux linux kernel 3.10.15

linux linux kernel 3.10.16

linux linux kernel 3.10.22

linux linux kernel 3.10.23

linux linux kernel 3.10.3

linux linux kernel 3.10.7

linux linux kernel 3.11.2

linux linux kernel 3.11.3

linux linux kernel 3.12

linux linux kernel 3.12.1

linux linux kernel 3.12.16

linux linux kernel 3.12.17

linux linux kernel 3.12.9

linux linux kernel 3.13

linux linux kernel 3.13.5

linux linux kernel 3.13.6

linux linux kernel 3.14.4

linux linux kernel 3.14.5

linux linux kernel 3.15.6

linux linux kernel 3.15.7

linux linux kernel 3.2

linux linux kernel 3.1.6

linux linux kernel 3.10.10

linux linux kernel 3.10.17

linux linux kernel 3.10.18

linux linux kernel 3.10.24

linux linux kernel 3.10.25

linux linux kernel 3.10.4

linux linux kernel 3.10.8

linux linux kernel 3.11.4

linux linux kernel 3.11.5

linux linux kernel 3.12.10

linux linux kernel 3.12.11

linux linux kernel 3.12.2

linux linux kernel 3.12.3

linux linux kernel 3.12.4

linux linux kernel 3.13.1

linux linux kernel 3.13.10

linux linux kernel 3.13.7

linux linux kernel 3.13.8

linux linux kernel 3.15

linux linux kernel 3.15.1

linux linux kernel 3.15.8

linux linux kernel 3.16.0

linux linux kernel 3.17.1

linux linux kernel 3.17

linux linux kernel 3.12.6

linux linux kernel 3.13.11

linux linux kernel 3.13.2

linux linux kernel 3.13.9

linux linux kernel 3.14.1

linux linux kernel 3.15.2

linux linux kernel 3.15.3

linux linux kernel 3.16.1

linux linux kernel

Vendor Advisories

Debian Bug report logs - #774155 linux: CVE-2014-9428: Remote crash of kernel via batman-adv module. Package: linux; Maintainer for linux is Debian Kernel Team <debian-kernel@lists.debian.org>; Reported by: conchur@web.de; Date: Mon, 29 Dec 2014 16:48:01 UTC; Severity: important; Tags: patch, security, upstream; Found in versi ...
USN-2516-1 introduced a regression in the Linux kernel ...
Several security issues were fixed in the kernel ...
USN-2515-1 introduced a regression in the Linux kernel ...
The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups ...

Github Repositories

Linux kernel introduced namespace mechanism since 2.4.19; especially with 3.8, user namespace for an unprivileged user comes true.

kernel user namespace: Linux kernel introduced namespace mechanism since 2.4.19; especially with 3.8, creating user namespace for an unprivileged user comes true, in which a full set of caps is granted to you. However, it is just available in some Linux distributions (Ubuntu, Debian). 1. What is user namespace? User namespace establishes a mapping from host to container, which allows f