Vigil@nce - Linux kernel: multiple vulnerabilities of user namespaces
April 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of user namespaces of
the Linux kernel.
Impacted products: Linux
Severity: 1/4
Creation date: 26/04/2013
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in user namespaces
processing of the Linux kernel.
An attacker can use an error of create_user_ns(), in order to
escape from a chroot jail. [severity:1/4; CVE-2013-1956]
An attacker can bypass the MNT_READONLY flag, in order to read
data. [severity:1/4; CVE-2013-1957]
An attacker can use an error of scm_check_creds, in order to
bypass access controls. [severity:1/4; CVE-2013-1958]
A detailed analysis was not performed for this bulletin.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-multiple-vulnerabilities-of-user-namespaces-12720