Ubuntu Update For Linux USN-2318-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. (CVE-2014-5207) Kenton Varda discovered a flaw with read-only bind mounds when used with user namespaces. An unprivileged local user could exploit this flaw to gain full write privileges to a mount that should be read only. (CVE-2014-5206)

Affected

linux on Ubuntu 14.04 LTS

Severity

Classification

CVE CVE-2014-5206, CVE-2014-5207

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for emacs21 vulnerability USN-504-1
Ubuntu Update for ffmpeg vulnerabilities USN-1104-1
Ubuntu Update for bind9 vulnerability USN-1070-1
Ubuntu Update for cups-filters USN-2210-1
Ubuntu Update for clamav vulnerabilities USN-1031-1

Ubuntu Update for linux USN-2318-1

Take action and discover your vulnerabilities