Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2014-8989

Disclosure Date: November 30, 2014 •

Description

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a “negative groups” issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

linux

Products

References

Canonical

CVE-2014-8989 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8989)

BID-71154 (http://www.securityfocus.com/bid/71154)

Advisory

FEDORA-2015-0517 (http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html)

USN-2515-1 (http://www.ubuntu.com/usn/USN-2515-1)

USN-2518-1 (http://www.ubuntu.com/usn/USN-2518-1)

http://www.mandriva.com/security/advisories?name=MDVSA-2015:058

FEDORA-2015-0515 (http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html)

http://thread.gmane.org/gmane.linux.man/7385

USN-2517-1 (http://www.ubuntu.com/usn/USN-2517-1)

[oss-security] 20141120 Re: Linux user namespaces can bypass group-based restrictions - Linux kernel (http://www.openwall.com/lists/oss-security/2014/11/20/4)

USN-2516-1 (http://www.ubuntu.com/usn/USN-2516-1)

Rapid7

Technical Analysis