QwikSec

Security Database

CVE

CWE

Training

CVE-2015-2925

Published: Nov 16, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2015:2292

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_DEBIAN

[containers] 20150403 [PATCH review 17/19] vfs: Test for and handle paths that are unreachable from their mnt_root

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

http://pkgs.fedoraproject.org/cgit/kernel.git/commit/?h=f22&id=520b64102de2f184036024b2a53de2b67463bd78

x_refsource_CONFIRM

SUSE-SU-2016:0337

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_BID

SUSE-SU-2016:0434

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

SUSE-SU-2015:2194

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0380

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0335

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

[containers] 20150403 [PATCH review 19/19] vfs: Do not allow escaping from bind mounts.

mailing-list

x_refsource_MLIST

SUSE-SU-2016:0383

vendor-advisory

x_refsource_SUSE

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65

x_refsource_CONFIRM

SUSE-SU-2016:0386

vendor-advisory

x_refsource_SUSE

[oss-security] 20150404 Re: Linux namespaces: It is possible to escape from bind mounts

mailing-list

x_refsource_MLIST

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1209367

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37

x_refsource_CONFIRM

SUSE-SU-2016:0384

vendor-advisory

x_refsource_SUSE

https://github.com/torvalds/linux/commit/cde93be45a8a90d8c264c776fab63487b5038a65

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1209373

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/397d425dc26da728396e66d392d5dcb8dac30c37

x_refsource_CONFIRM

SUSE-SU-2016:0387

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0381

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.