Bug 1226751 (CVE-2014-9717)
| Summary: | CVE-2014-9717 kernel: unsharing MNT_LOCKED mount can expose files beneath the mount. | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Wade Mealing <wmealing> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | aquini, bhu, blc, dhoward, fhrbata, gansalmon, itamar, jforbes, jkacur, joelsmith, jonathan, jwboyer, kernel-maint, kernel-mgr, lgoncalv, madhu.chinakonda, mchehab, mlangsdo, nmurray, rvrbovsk, slawomir, williams, xzhou |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
It was found that unsharing a mount namespace could allow a user to see data beneath their restricted namespace.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-10-21 00:45:38 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1226765, 1231595, 1231596 | ||
| Bug Blocks: | 1213949 | ||
|
Description
Wade Mealing
2015-06-01 01:13:54 UTC
Statement: This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1226765] This issue does not affect Red Hat Enterprise Linux at this time as we do not allow creation of user namespaces. This area of code does not exist and has not been backported to current Red Hat Enterprise Linux kernels. *** Bug 1226108 has been marked as a duplicate of this bug. *** |