CVE-2015-2925 (retired)

Priority
Description
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4
does not properly handle rename actions inside a bind mount, which allows
local users to bypass an intended container protection mechanism by
renaming a directory, related to a "double-chroot attack."
Ubuntu-Description
It was discovered that in certain situations, a directory could be renamed
outside of a bind mounted location. An attacker could use this to escape
bind mount containment and gain access to sensitive information.
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
 kamal> See gmane-151103 article for more backport discussion, specifically
  that Eric B.'s backport eliminates the requirement for this patch:
  70291ae namei: lift (open-coded) terminate_walk() in follow_dotdot_rcu() into callers
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-93.133)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by cde93be45a8a90d8c264c776fab63487b5038a65
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 397d425dc26da728396e66d392d5dcb8dac30c37
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1659.83])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [was needed now end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [was needs-triage now end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [was needed now end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-67.110~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (4.3~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1473.95])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-08-23 09:06:20 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)