CVE-2015-4176

Published: May 2, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20150604 Re: Re: CVE request Linux kernel: ns: user namespaces panic

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=1249442

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/e0c9c0afd2fc958ffa34b697972721d81df8a56f

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.2

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-4176

Description

Affected Products

References