Bug 900392 - (CVE-2014-7975) VUL-0: CVE-2014-7975: kernel-source: unmount denial of service
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium, Severity: Normal
Assigned To: Security Team bot
Reported: 2014-10-09 07:44 UTC by Victor Pereira
Modified: 2016-04-27 19:31 UTC
Attachments
proposed patch (528 bytes, patch)
2014-10-09 07:44 UTC, Victor Pereira
testcase (2.33 KB, patch)
2014-10-09 07:47 UTC, Victor Pereira

Description Victor Pereira 2014-10-09 07:44:40 UTC
Created attachment 609413 [details]
proposed patch

Accessing do_remount_sb should require global CAP_SYS_ADMIN, but
only one of the two call sites was appropriately protected.

patch and proof of concept included:

references:

http://thread.gmane.org/gmane.linux.kernel.stable/109312
Comment 1 Victor Pereira 2014-10-09 07:47:23 UTC
Created attachment 609415 [details]
testcase
Comment 2 Swamp Workflow Management 2014-10-09 22:00:13 UTC
bugbot adjusting priority
Comment 4 Michal Marek 2014-11-07 14:55:35 UTC
This is a1480dcc3c706e309a88884723446f2e84fedd5b now. It has been backported to 3.12.32, so SLE12 is covered.
Comment 5 Miklos Szeredi 2014-12-01 15:31:35 UTC
bug introduced in v3.8 by

   0c55cfc4166d vfs: Allow unprivileged manipulation of the mount namespace.

Not vulnerable:

  SLE11
  openSUSE-12.3

Already fixed:

  HEAD
  SLE12
  openSUSE-13.2

Fix pushed to:

  openSUSE-13.1
Comment 6 Swamp Workflow Management 2014-12-21 12:10:47 UTC
openSUSE-SU-2014:1677-1: An update that solves 31 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 818966,835839,853040,856659,864375,865882,873790,875051,881008,882639,882804,883518,883724,883948,883949,884324,887046,887082,889173,890114,891689,892490,893429,896382,896385,896390,896391,896392,896689,897736,899785,900392,902346,902349,902351,904013,904700,905100,905744,907818,908163,909077,910251
CVE References: CVE-2013-2891,CVE-2013-2898,CVE-2014-0181,CVE-2014-0206,CVE-2014-1739,CVE-2014-3181,CVE-2014-3182,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-4171,CVE-2014-4508,CVE-2014-4608,CVE-2014-4611,CVE-2014-4943,CVE-2014-5077,CVE-2014-5206,CVE-2014-5207,CVE-2014-5471,CVE-2014-5472,CVE-2014-6410,CVE-2014-7826,CVE-2014-7841,CVE-2014-7975,CVE-2014-8133,CVE-2014-8709,CVE-2014-9090,CVE-2014-9322
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.16.1, crash-7.0.2-2.16.1, hdjmod-1.28-16.16.1, ipset-6.21.1-2.20.1, iscsitarget-1.4.20.3-13.16.1, kernel-docs-3.11.10-25.2, kernel-source-3.11.10-25.1, kernel-syms-3.11.10-25.1, ndiswrapper-1.58-16.1, pcfclock-0.44-258.16.1, vhba-kmp-20130607-2.17.1, virtualbox-4.2.18-2.21.1, xen-4.3.2_02-30.1, xtables-addons-2.3-2.16.1
Comment 7 Marcus Meissner 2015-03-05 08:03:22 UTC
released