In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2).
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: do_change_type(): se niega a operar en montajes no montados o que no son nuestros. Garantiza que la configuración de propagación solo se pueda cambiar para los montajes ubicados en el espacio de nombres de montaje del invocador. Este cambio alinea la comprobación de permisos con el resto de mount(2).
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
NVD-CWE-noinfo
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b1240> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bfc2a7200> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b703764c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc9f4900> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b1800> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc9f4880> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702d72d08800> | Operating System |
| debian | debian_linux | 11.0 | <built-in method update of dict object at 0x702bde164880> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |