Permissions, Privileges, and Access Controls in Linux kernel - CVE-2014-4014
Published: June 23, 2014 / Updated: August 10, 2020
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.
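A triage check for the condition described above, added here as an example (it is not code from this advisory or from the kernel project): it compares an upstream-style kernel release string with 3.14.8 and flags regular files that are setgid, group root and owned by a non-root user. The function names and default scan paths are assumptions, and the version comparison is only a first pass, since distribution kernels may carry the fix under an older version number.

```python
import os
import re
import stat
import sys

FIXED = (3, 14, 8)  # first fixed upstream release according to this advisory

def kernel_predates_fix(release):
    """True if a release string such as '3.14.7-generic' is older than 3.14.8."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError("unrecognised kernel release: %r" % release)
    return tuple(int(p or 0) for p in m.groups()) < FIXED

def is_suspect(st):
    """Regular file with the setgid bit, group root (gid 0), non-root owner."""
    return (stat.S_ISREG(st.st_mode) and bool(st.st_mode & stat.S_ISGID)
            and st.st_gid == 0 and st.st_uid != 0)

def scan(root):
    """Walk one tree without following symlinks; return matching paths, sorted."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # file vanished or is unreadable: skip it
            if is_suspect(st):
                hits.append(path)
    return sorted(hits)

if __name__ == "__main__":
    rel = os.uname().release
    print("kernel %s predates 3.14.8: %s" % (rel, kernel_predates_fix(rel)))
    # Default paths are an assumption: user-writable trees on a typical host.
    for root in sys.argv[1:] or ["/home", "/tmp", "/var/tmp"]:
        for p in scan(root):
            print("review: setgid, group root, non-root owner:", p)
```

A hit is a reason to review the file and its owner, not proof of exploitation; root can create such files legitimately.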
How to mitigate CVE-2014-4014
Sources
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=23adbe12ef7d3d4195e80800ab36b37bee28cd03
- http://secunia.com/advisories/59220
- http://www.exploit-db.com/exploits/33824
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8
- http://www.openwall.com/lists/oss-security/2014/06/10/4
- http://www.securityfocus.com/bid/67988
- http://www.securitytracker.com/id/1030394
- https://bugzilla.redhat.com/show_bug.cgi?id=1107966
- https://github.com/torvalds/linux/commit/23adbe12ef7d3d4195e80800ab36b37bee28cd03
- https://source.android.com/security/bulletin/2016-12-01.html