Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20150604135744.3617A6C0050@smtpvmsrv1.mitre.org>
Date: Thu,  4 Jun 2015 09:57:44 -0400 (EDT)
From: cve-assign@...re.org
To: ppandit@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request Linux kernel: ns: user namespaces panic

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>> From: ebiederm@...ssion.com (Eric W. Biederman)
>> 
>> The core issue is that a unprivileged user could call umount(MNT_DETACH)
>> and in the right circumstances gain access to every file on essentially
>> any filesystem in the mount namespace.
>> 
>> e0c9c0afd2fc958ffa34b697972721d81df8a56f mnt: Update detach_mounts to leave mounts connected
>> is the real bug fix that fixes a fairly scary issue.

> From: P J P <ppandit@...hat.com>
> 
> Thank you so much for throwing light on the real issue and
> its corresponding fix.

As far as we can tell, the new information is extremely important but
the original CVE request remains valid as well.

Use CVE-2015-4176 for the issue fixed in
e0c9c0afd2fc958ffa34b697972721d81df8a56f. This code change is present
in 4.0.2.

Use CVE-2015-4177 for the issue fixed in
cd4a40174b71acd021877341684d8bb1dc8ea4ae. This code change is not
present in 4.0.2.

Use CVE-2015-4178 for the issue fixed in
820f9f147dcce2602eefd9b575bbbd9ea14f0953. This code change is not
present in 4.0.2.

Earlier messages in this thread suggest why
cd4a40174b71acd021877341684d8bb1dc8ea4ae and
820f9f147dcce2602eefd9b575bbbd9ea14f0953 can be treated as different
types of problems.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVcFiAAAoJEKllVAevmvmsPdoIAIOhSovjCxHR7BbxfDPTjowL
x4RtY/SVcOVCYLOeM6ys68joTPB+ZPk9CkoShgWBphI895hwBPpIc8nHxk5GjZMq
PRekCMzaq3ODAbT9JDiEirbOf2YHQJ7PAq3on5ifBZuP7y+K/bXrrjPIfqceWsiM
19e/evfP5ilmFHyVgnU3k12+2Q/LrDttVownh+5dnTL0MnPnwQ5jJP4c0bU5TvG4
Ws3Gvc+vTheTvn6fNYP76ynn/UlNnJPY40DIPOBM4qdpSJjLYUwUZSqrzGHaKO13
DUa+X4AfLo/BR/nj4vuHz6uXrW99++tC1T2R1N8ai0ORlN9n5eiORiU+BdEiYco=
=JpSG
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.