CVE-2014-7975
Kernel: fs: umount denial of service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.
La función do_umount en fs/namespace.c en el kernel de Linux hasta 3.17 no requiere la capacidad CAP_SYS_ADMIN para llamadas do_remount_sb que cambian el sistema de ficheros root a sólo lectura, lo que permite a usuarios locales causar una denegación de servicio (pérdida de la habilidad de escritura) mediante la realización de ciertas llamadas a la liberación de sistemas, la limpieza del indicador / MNT_LOCKED, y la realización de una llamada al sistema umount MNT_FORCE.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-10-08 CVE Reserved
- 2014-10-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (21)
URL | Tag | Source |
---|---|---|
http://secunia.com/advisories/60174 | Broken Link | |
http://secunia.com/advisories/61145 | Broken Link | |
http://secunia.com/advisories/62633 | Broken Link | |
http://secunia.com/advisories/62634 | Broken Link | |
http://thread.gmane.org/gmane.linux.kernel.stable/109312 | Broken Link | |
http://www.openwall.com/lists/oss-security/2014/10/08/22 | Mailing List | |
http://www.securityfocus.com/bid/70314 | Third Party Advisory | |
http://www.securitytracker.com/id/1031180 | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/96994 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.ubuntu.com/usn/USN-2415-1 | 2020-08-14 | |
http://www.ubuntu.com/usn/USN-2416-1 | 2020-08-14 | |
http://www.ubuntu.com/usn/USN-2417-1 | 2020-08-14 | |
http://www.ubuntu.com/usn/USN-2418-1 | 2020-08-14 | |
http://www.ubuntu.com/usn/USN-2419-1 | 2020-08-14 | |
http://www.ubuntu.com/usn/USN-2420-1 | 2020-08-14 | |
http://www.ubuntu.com/usn/USN-2421-1 | 2020-08-14 | |
https://access.redhat.com/errata/RHSA-2017:1842 | 2020-08-14 | |
https://access.redhat.com/errata/RHSA-2017:2077 | 2020-08-14 | |
https://access.redhat.com/security/cve/CVE-2014-7975 | 2017-08-01 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.17 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.17" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | esm |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.10" | - |
Affected
|