Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-4014

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.

Published

2014-06-23T11:21:17.793

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.2 (MEDIUM)

CVSSv2 Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

1.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 3.14.8	Yes

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=23adbe12ef7d3d4195e80800ab36b37bee28cd03 ([email protected])
http://secunia.com/advisories/59220 Third Party Advisory ([email protected])
http://www.exploit-db.com/exploits/33824 Third Party Advisory, VDB Entry ([email protected])
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 Vendor Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2014/06/10/4 Mailing List, Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/67988 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1030394 Third Party Advisory, VDB Entry ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=1107966 Issue Tracking, Third Party Advisory ([email protected])
https://github.com/torvalds/linux/commit/23adbe12ef7d3d4195e80800ab36b37bee28cd03 Third Party Advisory ([email protected])
https://source.android.com/security/bulletin/2016-12-01.html Third Party Advisory ([email protected])
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=23adbe12ef7d3d4195e80800ab36b37bee28cd03 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59220 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/33824 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2014/06/10/4 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/67988 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1030394 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1107966 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/23adbe12ef7d3d4195e80800ab36b37bee28cd03 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://source.android.com/security/bulletin/2016-12-01.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)