** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** Description changed:
- Mount flags MNT_NOSUID, MNT_NODEV, MNT_NOEXEC, and the atime flags in
- addition to MNT_READONLY could be reset by less-privileged users when
- remounting filesystems.
+ fs/namespace.c in the Linux kernel through 3.16.1 does not properly
+ restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing
+ MNT_ATIME_MASK during a remount of a bind mount, which allows local
+ users to gain privileges, interfere with backups and auditing on systems
+ that had atime enabled, or cause a denial of service (excessive
+ filesystem updating) on systems that had atime disabled via a "mount -o
+ remount" command within a user namespace.
Break-Fix: 0c55cfc4166d9a0f38de779bd4d75a90afbe7734
9566d6742852c527bf5af38af5cbb878dad75705
Break-Fix: 0c55cfc4166d9a0f38de779bd4d75a90afbe7734
ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1356323
Title:
CVE-2014-5207
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1356323/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
