CVE-2008-2931

Published: 9 July 2008

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

From the Ubuntu security team

The do_change_type routine did not correctly validate administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy.

Priority

Low

CVSS 3 base score: 7.8

Status

Package               Release   Status
linux                 dapper    Does not exist
                      feisty    Does not exist
                      gutsy     Does not exist
                      hardy     Not vulnerable
                      upstream  Not vulnerable

linux-source-2.6.15   dapper    Released (2.6.15-52.71)
                      feisty    Does not exist
                      gutsy     Does not exist
                      hardy     Does not exist
                      upstream  Needs triage

linux-source-2.6.20   dapper    Does not exist
                      feisty    Released (2.6.20-17.39)
                      gutsy     Does not exist
                      hardy     Does not exist
                      upstream  Needs triage

linux-source-2.6.22   dapper    Does not exist
                      feisty    Does not exist
                      gutsy     Not vulnerable
                      hardy     Does not exist
                      upstream  Not vulnerable