Vulnerability CVE-2014-5206: Information

Description

The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.

Severity: HIGH (7.2)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-5206

Published: Aug. 18, 2014

Modified: Nov. 7, 2023

Error type identifier: CWE-269

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-std-def	sisyphus	3.18.21-alt1	6.1.94-alt1	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-std-def	p10	3.18.21-alt1	5.10.218-alt1	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-std-def	p9	3.18.21-alt1	5.4.277-alt1	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-std-def	c9f2	3.18.21-alt1	5.10.214-alt0.c9f.2	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-std-def	c7	4.4.93-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2017-2509-1	191210	Fixed
kernel-image-std-def	p11	3.18.21-alt1	6.1.91-alt1	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-un-def	sisyphus	3.16.2-alt1	6.6.34-alt1	ALT-PU-2014-2106-1	129235	Fixed
kernel-image-un-def	p10	3.16.2-alt1	6.1.90-alt1	ALT-PU-2014-2106-1	129235	Fixed
kernel-image-un-def	p9	3.16.2-alt1	5.10.218-alt1	ALT-PU-2014-2106-1	129235	Fixed
kernel-image-un-def	c10f1	3.16.2-alt1	6.1.85-alt0.c10f.1	ALT-PU-2014-2106-1	129235	Fixed
kernel-image-un-def	c9f2	3.16.2-alt1	5.10.29-alt2	ALT-PU-2014-2106-1	129235	Fixed
kernel-image-un-def	c7	3.16.3-alt1	4.9.277-alt0.M70C.1	ALT-PU-2014-2173-1	130870	Fixed
kernel-image-un-def	p11	3.16.2-alt1	6.6.31-alt1	ALT-PU-2014-2106-1	129235	Fixed
usbip	sisyphus	5.10-alt1	5.10-alt1	ALT-PU-2023-1798-1	320453	Fixed
usbip	p10	5.10-alt1	5.10-alt1	ALT-PU-2023-1903-1	320461	Fixed
usbip	p11	5.10-alt1	5.10-alt1	ALT-PU-2023-1798-1	320453	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://github.com/torvalds/linux/commit/a6138db815df5ee542d848318e5dae681590fccd	Patch Third Party Advisory
[oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces	Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1129662	Issue Tracking Patch Third Party Advisory
USN-2317-1	Third Party Advisory
USN-2318-1	Third Party Advisory
69214	Third Party Advisory VDB Entry
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6138db815df5ee542d848318e5dae681590fccd

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.13
  End excliding
  3.14.19
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.15
  End excliding
  3.16.3
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.11
  End excliding
  3.12.27
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.8
  End excliding
  3.10.55
  
  Configuration 2
  cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

Version: v24.5.3

Vulnerability CVE-2014-5206: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2