CVE-2014-5206
Publication date 13 August 2014
Last updated 24 July 2024
Ubuntu priority
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.
From the Ubuntu Security Team
Kenton Varda discovered a flaw with read-only bind mounds when used with user namespaces. An unprivileged local user could exploit this flaw to gain full write privileges to a mount that should be read only.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | ||
14.04 LTS trusty |
Fixed 3.13.0-34.60
|
|
linux-armadaxp | ||
14.04 LTS trusty | Not in release | |
linux-ec2 | ||
14.04 LTS trusty | Not in release | |
linux-flo | ||
14.04 LTS trusty | Not in release | |
linux-fsl-imx51 | ||
14.04 LTS trusty | Not in release | |
linux-goldfish | ||
14.04 LTS trusty | Not in release | |
linux-grouper | ||
14.04 LTS trusty | Not in release | |
linux-linaro-omap | ||
14.04 LTS trusty | Not in release | |
linux-linaro-shared | ||
14.04 LTS trusty | Not in release | |
linux-linaro-vexpress | ||
14.04 LTS trusty | Not in release | |
linux-lts-quantal | ||
14.04 LTS trusty | Not in release | |
linux-lts-raring | ||
14.04 LTS trusty | Not in release | |
linux-lts-saucy | ||
14.04 LTS trusty | Not in release | |
linux-lts-trusty | ||
14.04 LTS trusty | Not in release | |
linux-lts-utopic | ||
14.04 LTS trusty | Not in release | |
linux-lts-vivid | ||
14.04 LTS trusty | Not in release | |
linux-maguro | ||
14.04 LTS trusty | Not in release | |
linux-mako | ||
14.04 LTS trusty | Not in release | |
linux-manta | ||
14.04 LTS trusty | Not in release | |
linux-mvl-dove | ||
14.04 LTS trusty | Not in release | |
linux-qcm-msm | ||
14.04 LTS trusty | Not in release | |
linux-raspi2 | ||
14.04 LTS trusty | Not in release | |
linux-ti-omap4 | ||
14.04 LTS trusty | Not in release | |
Notes
jdstrand
android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels
apw
The existing break-fix appears to point to some self-tests break-fix: - db181ce011e3c033328608299cd6fac06ea50130 actual fix appears to be: a6138db815df5ee542d848318e5dae681590fccd
jdstrand
linux-lts-saucy no longer receives official support
Patch details
Package | Patch details |
---|---|
linux |
References
Related Ubuntu Security Notices (USN)
- USN-2318-1
- Linux kernel vulnerabilities
- 18 August 2014
- USN-2317-1
- Linux kernel (Trusty HWE) vulnerabilities
- 18 August 2014