Bugzilla – Bug 933970
VUL-0: CVE-2015-4177: kernel-source: [ns: user namespaces panic -- lack of state identification]
Last modified: 2015-06-12 10:57:43 UTC
Use CVE-2015-4177 for the issue fixed in
cd4a40174b71acd021877341684d8bb1dc8ea4ae. This code change is not
present in 4.0.2.
Linux kernel built with the user namespaces support(CONFIG_USER_NS) is vulnerable to a NULL pointer dereference flaw. It could occur when users in user namespaces do unmount mounts.
An unprivileged user could use this flaw to crash the system resulting in DoS.
It was introduced by:
Thank you Drew Fisher for reporting this issue to Fedora Security Team.
bugbot adjusting priority
Duplicate of bug 933970 I guess.
Yeah, bouncing back.
*** This bug has been marked as a duplicate of bug 933969 ***