USN-2317-1: Linux kernel (Trusty HWE) vulnerabilities
Publication date
18 August 2014
Overview
Several security issues were fixed in the kernel.
Releases
Packages
- linux-lts-trusty - Linux hardware enablement kernel from Trusty
Details
Eric W. Biederman discovered a flaw with the mediation of mount flags in
the Linux kernel's user namespace subsystem. An unprivileged user could
exploit this flaw to by-pass mount restrictions, and potentially gain
administrative privileges. (CVE-2014-5207)
Kenton Varda discovered a flaw with read-only bind mounds when used with
user namespaces. An unprivileged local user could exploit this flaw to gain
full write privileges to a mount that should be read only. (CVE-2014-5206)
Eric W. Biederman discovered a flaw with the mediation of mount flags in
the Linux kernel's user namespace subsystem. An unprivileged user could
exploit this flaw to by-pass mount restrictions, and potentially gain
administrative privileges. (CVE-2014-5207)
Kenton Varda discovered a flaw with read-only bind mounds when used with
user namespaces. An unprivileged local user could exploit this flaw to gain
full write privileges to a mount that should be read only. (CVE-2014-5206)
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
12.04 precise | linux-image-3.13.0-34-generic-lpae – 3.13.0-34.60~precise1 | ||
linux-image-3.13.0-34-generic – 3.13.0-34.60~precise1 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
Have additional questions?