Linux kernel built with the User namespaces(CONFIG_USER_NS) support is vulnerable to a potential 'group' privilege escalation flaw. It could occur when unsharing parts of process' execution context from other processes via unshare(2) or clone(2) calls. A user/process able to unshare parts of its execution context could use this flaw to gain extra 'group' privileges on a system. References: ----------- -> http://thread.gmane.org/gmane.linux.man/7385/ -> http://www.openwall.com/lists/oss-security/2014/11/20/4
Statement: Not vulnerable. This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1170688]
kernel-3.17.8-300.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.17.8-200.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.