Bug 1032340 – VUL-0: CVE-2014-9922: kernel-source: The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack

Bug 1032340 - (CVE-2014-9922) VUL-0: CVE-2014-9922: kernel-source: The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack

(CVE-2014-9922)
Summary:	VUL-0: CVE-2014-9922: kernel-source: The eCryptfs subsystem in the Linux kern...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/182840/
Whiteboard:	CVSSv2:SUSE:CVE-2014-9922:6.9:(AV:L/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2017-04-04 15:18 UTC by Mikhail Kasimov
Modified:	2021-08-25 13:19 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mikhail Kasimov 2017-04-04 15:18:54 UTC

Ref: https://nvd.nist.gov/vuln/detail/CVE-2014-9922
===================================================
Description

The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.

Source:  MITRE      Last Modified:  04/04/2017
===================================================

https://security-tracker.debian.org/tracker/CVE-2014-9922

Fixed by: https://git.kernel.org/linus/69c433ed2ecd2d3264efd7afec4439524b319121


Not sure, if SUSE supports 3.x kernel branch. If no, please, close report as invalid.

Comment 1 Marcus Meissner 2017-04-04 17:43:12 UTC

We do support also 2.6 kernels.

I remember a similar bug though.

patches.suse/ovl09-fs-limit-filesystem-stacking-depth.patch in SLE12/SLE12-SP1 trees.

overlayfs is not supported in older kernels though

Comment 2 Marcus Meissner 2017-04-18 16:06:04 UTC

as we did not have overlayfs on SLE11, only ecryptfs would have been stackable (?)
and so this would not be an issue.

Comment 3 Jeff Mahoney 2017-06-22 19:50:09 UTC

I'm not sure this is actually an issue in SLE11 since we don't allow users to mount arbitrary file systems outside of the GNOME interface.  In any case, it's a trivial fix so I've pushed it for SLE11 SP4.  Newer releases are unaffected as they have always contained this patch.

Comment 4 Swamp Workflow Management 2017-09-04 19:20:39 UTC

SUSE-SU-2017:2342-1: An update that solves 44 vulnerabilities and has 135 fixes is now available.

Category: security (important)
Bug References: 1003077,1005651,1008374,1008850,1008893,1012422,1013018,1013070,1013800,1013862,1016489,1017143,1018074,1018263,1018446,1019168,1020229,1021256,1021913,1022971,1023014,1023051,1023163,1023888,1024508,1024788,1024938,1025235,1025702,1026024,1026260,1026722,1026914,1027066,1027101,1027178,1027565,1028372,1028415,1028880,1029140,1029212,1029770,1029850,1030213,1030552,1030573,1030593,1030814,1031003,1031052,1031440,1031579,1032141,1032340,1032471,1033287,1033336,1033771,1033794,1033804,1033816,1034026,1034670,1035576,1035777,1035920,1036056,1036288,1036629,1037182,1037183,1037191,1037193,1037227,1037232,1037233,1037356,1037358,1037359,1037441,1038544,1038879,1038981,1038982,1039258,1039348,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1040351,1041160,1041431,1041762,1041975,1042045,1042200,1042615,1042633,1042687,1042832,1043014,1043234,1043935,1044015,1044125,1044216,1044230,1044854,1044882,1044913,1044985,1045154,1045340,1045356,1045406,1045416,1045525,1045538,1045547,1045615,1046107,1046122,1046192,1046715,1047027,1047053,1047343,1047354,1047487,1047523,1047653,1048185,1048221,1048232,1048275,1049483,1049603,1049688,1049882,1050154,1050431,1051478,1051515,1051770,784815,792863,799133,870618,909486,909618,911105,919382,928138,931620,938352,943786,948562,962257,970956,971975,972891,979021,982783,983212,985561,986362,986365,986924,988065,989056,990682,991651,995542,999245
CVE References: CVE-2014-9922,CVE-2015-3288,CVE-2015-8970,CVE-2016-10200,CVE-2016-2188,CVE-2016-4997,CVE-2016-4998,CVE-2016-5243,CVE-2016-7117,CVE-2017-1000363,CVE-2017-1000364,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-11176,CVE-2017-11473,CVE-2017-2636,CVE-2017-2647,CVE-2017-2671,CVE-2017-5669,CVE-2017-5970,CVE-2017-5986,CVE-2017-6074,CVE-2017-6214,CVE-2017-6348,CVE-2017-6353,CVE-2017-6951,CVE-2017-7184,CVE-2017-7187,CVE-2017-7261,CVE-2017-7294,CVE-2017-7308,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-7616,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.5.1, kernel-rt_trace-3.0.101.rt130-69.5.1, kernel-source-rt-3.0.101.rt130-69.5.1, kernel-syms-rt-3.0.101.rt130-69.5.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.5.1, kernel-rt_debug-3.0.101.rt130-69.5.1, kernel-rt_trace-3.0.101.rt130-69.5.1

Comment 5 Swamp Workflow Management 2017-09-08 16:11:38 UTC

SUSE-SU-2017:2389-1: An update that solves 21 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1000365,1000380,1012422,1013018,1015452,1023051,1029140,1029850,1030552,1030593,1030814,1032340,1032471,1034026,1034670,1035576,1035721,1035777,1035920,1036056,1036288,1036629,1037191,1037193,1037227,1037232,1037233,1037356,1037358,1037359,1037441,1038544,1038879,1038981,1038982,1039258,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1040351,1041160,1041431,1041762,1041975,1042045,1042615,1042633,1042687,1042832,1042863,1043014,1043234,1043935,1044015,1044125,1044216,1044230,1044854,1044882,1044913,1045154,1045356,1045416,1045479,1045487,1045525,1045538,1045547,1045615,1046107,1046192,1046715,1047027,1047053,1047343,1047354,1047487,1047523,1047653,1048185,1048221,1048232,1048275,1049128,1049483,1049603,1049688,1049882,1050154,1050431,1051478,1051515,1051770,1055680,784815,792863,799133,909618,919382,928138,938352,943786,948562,962257,971975,972891,986924,990682,995542
CVE References: CVE-2014-9922,CVE-2016-10277,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-11176,CVE-2017-11473,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.7.2
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.7.1, kernel-default-3.0.101-108.7.1, kernel-ec2-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-source-3.0.101-108.7.1, kernel-syms-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    cluster-network-1.4-2.32.2.14, drbd-kmp-8.4.4-0.27.2.13, gfs2-2-0.24.2.14, ocfs2-1.6-0.28.3.4
SUSE Linux Enterprise High Availability Extension 11-SP4 (src):    cluster-network-1.4-2.32.2.14, drbd-8.4.4-0.27.2.1, drbd-kmp-8.4.4-0.27.2.13, gfs2-2-0.24.2.14, ocfs2-1.6-0.28.3.4
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    drbd-8.4.4-0.27.2.1, kernel-bigmem-3.0.101-108.7.1, kernel-default-3.0.101-108.7.1, kernel-ec2-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1

Comment 6 Marcus Meissner 2017-10-24 09:38:20 UTC

released