QwikSec

Security Database

CVE

CWE

Training

CVE-2014-3519

Published: Feb 1, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update

x_refsource_CONFIRM

[oss-security] 20140624 OpenVZ simfs container filesystem breakout

mailing-list

x_refsource_MLIST

https://openvz.org/Download/kernel/rhel6/042stab090.5

x_refsource_CONFIRM

https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-

x_refsource_CONFIRM

https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.