Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 拒绝服务漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 4.0.5之前版本的fs/namespace.c文件中的‘collect_mounts’函数存在安全漏洞,该漏洞源于程序没有正确考虑‘collect_mounts’函数可能在路径取消挂载后执行。本地攻击者可借助MNT_DETACH umount2系统调用的user-namespace root访问权限利用该漏洞造成拒绝服
CVSS Information
N/A
Vulnerability Type
N/A