[security-announce] Kernel:fs/userns: Security update

Sona Sarmadi sona.sarmadi at enea.com
Tue Feb 17 13:35:35 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

          	Enea Linux Security Advisory
=========================================================
Product/package: kernel (FSL kernel: 3.8.11)
Severity: Important
Issue date: 2015-02-16
CVE Names: CVE-2014-4014 possible privilege escalation in
                         user namespace
Layer: meta-enea
=========================================================

A security patch that fixes a potential privilege escalation flaw
when the kernel is built with the user namespaces(CONFIG_USER_NS)
is now available at http://linux.enea.com/4.0/patches:

README file: 0039-PPC-kernel-fs-userns-CVE-2014-4014.README
Patch file:  0039-PPC-kernel-fs-userns-CVE-2014-4014.patch

Description
===========
The capabilities implementation in the Linux kernel before
3.14.8 does not properly consider that namespaces are inapplicable
to inodes, which allows local users to bypass intended chmod
restrictions by first creating a user namespace, as demonstrated
by setting the setgid bit on a file with group ownership of root.

References
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4014

How to apply the patches
=======================
- - Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing FSL kernel patches in the right order

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- - Fetch and apply the new patch
cd Enea-Linux-4.0/poky/meta-enea
wget
http://linux.enea.com/4.0/patches/0039-PPC-kernel-fs-userns-CVE-2014-4014.patch
patch -p1 < ./0039-PPC-kernel-fs-userns-CVE-2014-4014.patch

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJU4zWXAAoJEHc+9u9ocWoU3HgQAKcS9RzXlXSkaOo2AgLVDcuz
dxz2ARPruMXsNBOtZ5HvvGz5GogEnURADg9Ubfgt/P79DLxtukMrHzISW0X/sLnR
ceytHBo0D7CjTqIOJC64NzJtErBaqBElcX5e1dR2PGrDNXln6+2qtRXrIoiCpg28
z8cV9UzFoFwC03ROvD8iOFK6wbmgyvLZSYXflAEz48mpDGXvMAp5K2NIrW7w5K9u
cGvD0CyKQFDzc4Y0IJv6bxN5aYn9TfFWMCOWRQ7hOaAWKq2GlTIWLUCwgptDkZIc
XKGdGS1w8VFMK8v6NEoFWlSeZATnWJqHlTDFhQsdzbr5k1H0KhSYSJZtgT+QR2X5
QyPMfyvZSWdsuQRQ7KOhH2EB7znD3wSJrTf3/U1dhODvIrd4QsW3ok8enCTK/6x9
aK6+2X2ijMVkt0aNJywt+V2KtJC2ycmjHOJH1CUH5lacZHKZ8NieXimMgBq1CAhI
SSN8JFUGEMkymyUDou2FtNw2Lv7Ck+4x4DyUm7AdfYIOE+ACQA5pk0GmJRdOkwkk
EH7eA8HRKInaZlQwbhxdAPL4Fnk30qDvMXpyJwnI8VXsEfPzVGjE1MpBtxgabXkp
raEyDt3TJ4xS3aaFHV01wRfoRAiMeHlBFtGUyDeIGq4dGBvCDV18iYxxXRwyX0kT
BU8adOIluZhXStvshpaf
=MCfX
-----END PGP SIGNATURE-----



More information about the security-announce mailing list