CVE-2014-4014 in Linux Kernelinfo

Zusammenfassung (Englisch)

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.

Reservieren

09.06.2014

Veröffentlichung

23.06.2014

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
13585	Linux Kernel capability.c inode_capable erweiterte Rechte	264	Proof-of-Concept	Offizieller Fix	CVE-2014-4014

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Want to know what is going to be exploited?

We predict KEV entries!