[kernel-sec-discuss] r3469 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 14 20:10:28 UTC 2014
Author: jmm
Date: 2014-08-14 20:10:27 +0000 (Thu, 14 Aug 2014)
New Revision: 3469
Added:
active/CVE-2014-5206
active/CVE-2014-5207
Log:
new userns issues
Added: active/CVE-2014-5206
===================================================================
--- active/CVE-2014-5206 (rev 0)
+++ active/CVE-2014-5206 2014-08-14 20:10:27 UTC (rev 3469)
@@ -0,0 +1,12 @@
+Description: ro bind mount bypass using user namespaces
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c03332+8608299cd6fac06ea50130
+ http://www.openwall.com/lists/oss-security/2014/08/12/6
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: N/A "User namespaces not usable"
+sid: needed
+3.2-wheezy-security: N/A "User namespaces not usable"
+2.6.32-squeeze-security: N/A "User namespaces not usable"
+3.2-upstream-stable: N/A "User namespaces not usable"
Added: active/CVE-2014-5207
===================================================================
--- active/CVE-2014-5207 (rev 0)
+++ active/CVE-2014-5207 2014-08-14 20:10:27 UTC (rev 3469)
@@ -0,0 +1,12 @@
+Description: ro bind mount bypass using user namespaces
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=9566d6742852c527bf+5af38af5cbb878dad75705
+ http://www.openwall.com/lists/oss-security/2014/08/12/6
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable: N/A "User namespaces not usable"
+sid: needed
+3.2-wheezy-security: N/A "User namespaces not usable"
+2.6.32-squeeze-security: N/A "User namespaces not usable"
+3.2-upstream-stable: N/A "User namespaces not usable"
More information about the kernel-sec-discuss
mailing list