Candidate: CVE-2013-1957 PublicDate: 2013-04-24 19:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1957 http://www.openwall.com/lists/oss-security/2013/04/16 Description: The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace. Ubuntu-Description: Notes: Bugs: Priority: high Discovered-by: Andy Lutomirski Assigned-to: CVSS: Patches_linux: break-fix: 0c55cfc4166d9a0f38de779bd4d75a90afbe7734 90563b198e4c6674c63672fae1923da467215f45 break-fix: 0c55cfc4166d9a0f38de779bd4d75a90afbe7734 132c94e31b8bca8ea921f9f96a57d684fa4ae0a9 upstream_linux: released (3.9~rc5) hardy_linux: not-affected lucid_linux: not-affected oneiric_linux: not-affected precise_linux: not-affected quantal_linux: not-affected devel_linux: not-affected (3.8.0-17.27) Patches_linux-ec2: upstream_linux-ec2: released (3.9~rc5) hardy_linux-ec2: DNE lucid_linux-ec2: not-affected oneiric_linux-ec2: DNE precise_linux-ec2: DNE quantal_linux-ec2: DNE devel_linux-ec2: DNE Patches_linux-mvl-dove: upstream_linux-mvl-dove: released (3.9~rc5) hardy_linux-mvl-dove: DNE lucid_linux-mvl-dove: ignored (reached end-of-life) oneiric_linux-mvl-dove: DNE precise_linux-mvl-dove: DNE quantal_linux-mvl-dove: DNE devel_linux-mvl-dove: DNE Patches_linux-ti-omap4: upstream_linux-ti-omap4: released (3.9~rc5) hardy_linux-ti-omap4: DNE lucid_linux-ti-omap4: DNE oneiric_linux-ti-omap4: not-affected precise_linux-ti-omap4: not-affected quantal_linux-ti-omap4: not-affected devel_linux-ti-omap4: not-affected Patches_linux-lts-backport-maverick: upstream_linux-lts-backport-maverick: released (3.9~rc5) hardy_linux-lts-backport-maverick: DNE lucid_linux-lts-backport-maverick: ignored (reached end-of-life) oneiric_linux-lts-backport-maverick: DNE precise_linux-lts-backport-maverick: DNE quantal_linux-lts-backport-maverick: DNE devel_linux-lts-backport-maverick: DNE Patches_linux-fsl-imx51: upstream_linux-fsl-imx51: released (3.9~rc5) hardy_linux-fsl-imx51: DNE lucid_linux-fsl-imx51: ignored (reached end-of-life, does not affect buildd) oneiric_linux-fsl-imx51: DNE precise_linux-fsl-imx51: DNE quantal_linux-fsl-imx51: DNE devel_linux-fsl-imx51: DNE Patches_linux-lts-backport-oneiric: upstream_linux-lts-backport-oneiric: released (3.9~rc5) hardy_linux-lts-backport-oneiric: DNE lucid_linux-lts-backport-oneiric: not-affected oneiric_linux-lts-backport-oneiric: DNE precise_linux-lts-backport-oneiric: DNE quantal_linux-lts-backport-oneiric: DNE devel_linux-lts-backport-oneiric: DNE Patches_linux-linaro-omap: upstream_linux-linaro-omap: released (3.9~rc5) hardy_linux-linaro-omap: DNE lucid_linux-linaro-omap: DNE oneiric_linux-linaro-omap: ignored (abandoned) precise_linux-linaro-omap: ignored (abandoned) quantal_linux-linaro-omap: ignored (abandoned) devel_linux-linaro-omap: ignored (abandoned) Patches_linux-linaro-shared: upstream_linux-linaro-shared: released (3.9~rc5) hardy_linux-linaro-shared: DNE lucid_linux-linaro-shared: DNE oneiric_linux-linaro-shared: ignored (abandoned) precise_linux-linaro-shared: ignored (abandoned) quantal_linux-linaro-shared: ignored (abandoned) devel_linux-linaro-shared: ignored (abandoned) Patches_linux-linaro-vexpress: upstream_linux-linaro-vexpress: released (3.9~rc5) hardy_linux-linaro-vexpress: DNE lucid_linux-linaro-vexpress: DNE oneiric_linux-linaro-vexpress: ignored (abandoned) precise_linux-linaro-vexpress: ignored (abandoned) quantal_linux-linaro-vexpress: ignored (abandoned) devel_linux-linaro-vexpress: ignored (abandoned) Patches_linux-qcm-msm: upstream_linux-qcm-msm: released (3.9~rc5) hardy_linux-qcm-msm: DNE lucid_linux-qcm-msm: ignored (abandoned) oneiric_linux-qcm-msm: ignored (abandoned) precise_linux-qcm-msm: ignored (abandoned) quantal_linux-qcm-msm: ignored (abandoned) devel_linux-qcm-msm: ignored (abandoned) Tags_linux-armadaxp: not-ue Patches_linux-armadaxp: upstream_linux-armadaxp: released (3.9~rc5) hardy_linux-armadaxp: DNE lucid_linux-armadaxp: DNE oneiric_linux-armadaxp: DNE precise_linux-armadaxp: not-affected quantal_linux-armadaxp: not-affected devel_linux-armadaxp: DNE Patches_linux-lts-quantal: upstream_linux-lts-quantal: released (3.9~rc5) hardy_linux-lts-quantal: DNE lucid_linux-lts-quantal: DNE oneiric_linux-lts-quantal: DNE precise_linux-lts-quantal: not-affected quantal_linux-lts-quantal: DNE devel_linux-lts-quantal: DNE