CVE-2014-4014

Priority
Medium
Description
The capabilities implementation in the Linux kernel before 3.14.8 does not
properly consider that namespaces are inapplicable to inodes, which allows
local users to bypass intended chmod restrictions by first creating a user
namespace, as demonstrated by setting the setgid bit on a file with group
ownership of root.
Ubuntu-Description
A flaw was discovered in the Linux kernel's implementation of user
namespaces with respect to inode permissions. A local user could exploit
this flaw by creating a user namespace to gain administrative privileges.
References
Bugs
Notes
 jdstrand> android kernels (goldfish, grouper, maguro, mako and manta) are not
  supported on the Ubuntu Touch 13.10 preview kernels
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.04 preview kernels
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.13.0-35.62~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
linux-vegetahd:not-affected
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.5.0-54.81~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Patches:
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):released (3.13.0-35.62)
Ubuntu 15.04 (Vivid Vervet):not-affected (3.16.0-23.31)
Ubuntu 15.10 (Wily Werewolf):not-affected (3.19.0-15.15)
Patches:
Introduced by 1a48e2ac034d47ed843081c4523b63c46b46888bFixed by 23adbe12ef7d3d4195e80800ab36b37bee28cd03
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.8.0-44.66~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):released (3.11.0-26.45~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):not-affected
Ubuntu 15.10 (Wily Werewolf):not-affected
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.19.0-18.18~14.04.1)
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):not-affected
Ubuntu 15.10 (Wily Werewolf):not-affected
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.16.0-25.33~14.04.2)
Ubuntu 15.04 (Vivid Vervet):DNE
Ubuntu 15.10 (Wily Werewolf):DNE
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):not-affected
Ubuntu 15.10 (Wily Werewolf):not-affected
Package
linux-krillin:not-affected
Package
Upstream:released (3.16~rc1)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 15.04 (Vivid Vervet):not-affected
Ubuntu 15.10 (Wily Werewolf):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2015-08-26 06:30:33 UTC (commit 9852)