5.5

CVE-2014-7975

The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 3.17
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version14.10
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.46% 0.364
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/60174
Broken Link
http://secunia.com/advisories/62633
Broken Link
http://www.ubuntu.com/usn/USN-2416-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2417-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2418-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2419-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2420-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2421-1
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1842
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2077
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5
Patch
Vendor Advisory
Mailing List
http://secunia.com/advisories/61145
Broken Link
http://secunia.com/advisories/62634
Broken Link
http://thread.gmane.org/gmane.linux.kernel.stable/109312
Broken Link
http://www.openwall.com/lists/oss-security/2014/10/08/22
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/70314
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031180
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2415-1
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1151108
Patch
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/96994
Third Party Advisory
VDB Entry