It was discovered that a privileged user in the user namespace with access to a bind mount can clear certain mount flags by calling "mount --bind -o remount,... ...". Proposed patches: https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=a6138db815df5ee542d848318e5dae681590fccd https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=07b645589dcda8b7a5249e096fece2a67556f0f4 https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=9566d6742852c527bf5af38af5cbb878dad75705 https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130 References: http://seclists.org/oss-sec/2014/q3/357
Statement: Not vulnerable. This issue did not affect the versions of kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, and Red Hat Enterprise Linux MRG 2.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1129669]
kernel-3.15.10-200.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.14.17-100.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.