[v3.0] kernel: mnt: ro bind mount bypass using user namespaces (CVE-2014-5206 CVE-2014-5207)
Two issues have been fixed in upstream:
mnt: Add tests for unprivileged remount cases that have found to be
faulty
mnt: Correct permission checks in do_remount
References:
CONFIRM: http://seclists.org/oss-sec/2014/q3/357
COMMIT:
https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130
COMMIT:
https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=9566d6742852c527bf5af38af5cbb878dad75705
(from redmine: issue id 3305, created on 2014-08-15, closed on 2017-05-17)
- Relations:
- parent #3300