CVE-2008-2931 (debian_linux, linux_kernel, opensuse, suse_linux_enterprise_desktop, suse_linux_enterprise_server, ubuntu_linux)

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

View Full Alert

Leave a Reply