CVE-2014-7975

Kernel: fs: umount denial of service

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.

La función do_umount en fs/namespace.c en el kernel de Linux hasta 3.17 no requiere la capacidad CAP_SYS_ADMIN para llamadas do_remount_sb que cambian el sistema de ficheros root a sólo lectura, lo que permite a usuarios locales causar una denegación de servicio (pérdida de la habilidad de escritura) mediante la realización de ciertas llamadas a la liberación de sistemas, la limpieza del indicador / MNT_LOCKED, y la realización de una llamada al sistema umount MNT_FORCE.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

Attack Vector

Adjacent

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-10-08 CVE Reserved
2014-10-13 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (21)

URL	Tag	Source
http://secunia.com/advisories/60174	Broken Link
http://secunia.com/advisories/61145	Broken Link
http://secunia.com/advisories/62633	Broken Link
http://secunia.com/advisories/62634	Broken Link
http://thread.gmane.org/gmane.linux.kernel.stable/109312	Broken Link
http://www.openwall.com/lists/oss-security/2014/10/08/22	Mailing List
http://www.securityfocus.com/bid/70314	Third Party Advisory
http://www.securitytracker.com/id/1031180	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/96994	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5	2020-08-14
https://bugzilla.redhat.com/show_bug.cgi?id=1151108	2017-08-01

URL	Date	SRC
http://www.ubuntu.com/usn/USN-2415-1	2020-08-14
http://www.ubuntu.com/usn/USN-2416-1	2020-08-14
http://www.ubuntu.com/usn/USN-2417-1	2020-08-14
http://www.ubuntu.com/usn/USN-2418-1	2020-08-14
http://www.ubuntu.com/usn/USN-2419-1	2020-08-14
http://www.ubuntu.com/usn/USN-2420-1	2020-08-14
http://www.ubuntu.com/usn/USN-2421-1	2020-08-14
https://access.redhat.com/errata/RHSA-2017:1842	2020-08-14
https://access.redhat.com/errata/RHSA-2017:2077	2020-08-14
https://access.redhat.com/security/cve/CVE-2014-7975	2017-08-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				<= 3.17 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.17"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		esm		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.10"		-		Affected