6.9

CVE-2015-2925

The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.72
LinuxLinux Kernel Version >= 3.3 < 3.4.110
LinuxLinux Kernel Version >= 3.5 < 3.10.91
LinuxLinux Kernel Version >= 3.11 < 3.12.49
LinuxLinux Kernel Version >= 3.13 < 3.14.55
LinuxLinux Kernel Version >= 3.15 < 3.16.35
LinuxLinux Kernel Version >= 3.17 < 3.18.23
LinuxLinux Kernel Version >= 3.19 < 4.1.11
LinuxLinux Kernel Version >= 4.2 < 4.2.4
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
CanonicalUbuntu Linux Version12.04 SwEdition-
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version15.04
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.25% 0.654
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0068.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html
Third Party Advisory
Mailing List
http://www.debian.org/security/2015/dsa-3364
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html
Third Party Advisory
Mailing List
http://www.debian.org/security/2015/dsa-3372
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html
Third Party Advisory
Mailing List
http://rhn.redhat.com/errata/RHSA-2015-2636.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2792-1
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65
Third Party Advisory
http://permalink.gmane.org/gmane.linux.kernel.containers/29173
Broken Link
http://permalink.gmane.org/gmane.linux.kernel.containers/29177
Broken Link
http://pkgs.fedoraproject.org/cgit/kernel.git/commit/?h=f22&id=520b64102de2f184036024b2a53de2b67463bd78
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4
Vendor Advisory
http://www.openwall.com/lists/oss-security/2015/04/04/4
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/73926
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2794-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2795-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2798-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2799-1
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1209367
Third Party Advisory
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1209373
Third Party Advisory
Issue Tracking
https://github.com/torvalds/linux/commit/397d425dc26da728396e66d392d5dcb8dac30c37
Third Party Advisory
https://github.com/torvalds/linux/commit/cde93be45a8a90d8c264c776fab63487b5038a65
Third Party Advisory