CVE-2014-8989

high

Description

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c.

References

http://www.ubuntu.com/usn/USN-2518-1

http://www.ubuntu.com/usn/USN-2517-1

http://www.ubuntu.com/usn/USN-2516-1

http://www.ubuntu.com/usn/USN-2515-1

http://www.securityfocus.com/bid/71154

http://www.openwall.com/lists/oss-security/2014/11/20/4

http://www.mandriva.com/security/advisories?name=MDVSA-2015:058

http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html

Details

Source: Mitre, NVD

Published: 2014-11-30

Updated: 2017-01-03

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High