CVE-2014-4014
Linux Kernel 3.13 - SGID Privilege Escalation
Severity Score
6.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.
La implementación de capacidades en el kernel de Linux anterior a 3.14.8 no considera debidamente que los espacios de nombres no sean aplicables a inodos, lo que permite a usuarios locales evadir restricciones chmod mediante la creación anterior de un espacio de nombre de usuario, tal y como fue demostrado mediante la configuración del bit setgid en un fichero con propiedad de grupo del root.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-06-09 CVE Reserved
- 2014-06-21 CVE Published
- 2014-06-21 First Exploit
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=23adbe12ef7d3d4195e80800ab36b37bee28cd03 | X_refsource_confirm | |
| http://secunia.com/advisories/59220 | Third Party Advisory | |
| http://www.openwall.com/lists/oss-security/2014/06/10/4 | Mailing List |
|
| http://www.securityfocus.com/bid/67988 | Third Party Advisory | |
| http://www.securitytracker.com/id/1030394 | Third Party Advisory | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1107966 | Issue Tracking | |
| https://github.com/torvalds/linux/commit/23adbe12ef7d3d4195e80800ab36b37bee28cd03 | Third Party Advisory | |
| https://source.android.com/security/bulletin/2016-12-01.html | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/33824 | 2014-06-21 | |
| http://www.exploit-db.com/exploits/33824 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 3.14.8 Search vendor "Linux" for product "Linux Kernel" and version " < 3.14.8" | - |
Affected
| ||||||