Back to bug 1295287
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Prasad Pandit | 2016-01-04 06:14:29 UTC | Blocks | 1295281 | |
| Prasad Pandit | 2016-01-04 06:14:56 UTC | Depends On | 1295288 | |
| Prasad Pandit | 2016-01-04 06:19:10 UTC | Blocks | 1295281 | |
| Prasad Pandit | 2016-01-04 10:41:42 UTC | Doc Text | Linux kernel built with the User Name-spaces(CONFIG_USER_NS) support is vulnerable to a potential privilege escalation flaw. It could occur when a root owned process tries to enter a user name-space, wherein a user attempts to attach the entering process via ptrace(1). A privileged name space user could use this flaw to potentially escalate their privileges on the system. | |
| Whiteboard | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=new,rhel-7/kernel=notaffected,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/kernel-aarch64=new,fedora-all/kernel=affected | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/kernel-aarch64=affected,fedora-all/kernel=affected | ||
| Prasad Pandit | 2016-01-04 11:11:15 UTC | Whiteboard | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/kernel-aarch64=affected,fedora-all/kernel=affected | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/kernel-aarch64=affected,fedora-all/kernel=affected |
| Summer Long | 2016-01-04 23:10:27 UTC | CC | slong | |
| Doc Text | Linux kernel built with the User Name-spaces(CONFIG_USER_NS) support is vulnerable to a potential privilege escalation flaw. It could occur when a root owned process tries to enter a user name-space, wherein a user attempts to attach the entering process via ptrace(1). A privileged name space user could use this flaw to potentially escalate their privileges on the system. | A privilege-escalation vulnerability was discovered in the Linux kernel built with User Namespace (CONFIG_USER_NS) support. The flaw occurred when the ptrace() system call was used on a root-owned process to enter a user namespace. A privileged namespace user could exploit this flaw to potentially escalate their privileges on the system, outside the original namespace. | ||
| Prasad Pandit | 2016-01-05 11:38:10 UTC | Blocks | 1295281 | |
| Prasad Pandit | 2016-01-07 06:57:16 UTC | Whiteboard | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/kernel-aarch64=affected,fedora-all/kernel=affected | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/kernel-aarch64=notaffected,fedora-all/kernel=affected |
| Salvatore Bonaccorso | 2016-02-19 16:08:28 UTC | CC | carnil | |
| John Skeoch | 2016-10-04 04:20:53 UTC | CC | pholasek | |
| PnT Account Manager | 2018-02-07 23:10:05 UTC | CC | agordeev | |
| PnT Account Manager | 2018-07-19 06:13:35 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:01:30 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 14:58:15 UTC | CC | esammons | |
| Product Security DevOps Team | 2019-06-08 02:46:52 UTC | Status | NEW | CLOSED |
| Resolution | --- | NOTABUG | ||
| Last Closed | 2019-06-08 02:46:52 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:41:49 UTC | Whiteboard | impact=important,public=20151212,reported=20151228,source=oss-security,cvss2=6.0/AV:L/AC:H/Au:S/C:C/I:C/A:C,cwe=CWE-271,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/kernel-aarch64=notaffected,fedora-all/kernel=affected |
Back to bug 1295287