[Lucid][Precise][Trusty][Utopic][CVE-2014-7975] fs: Add a missing permission check to do_umount
Luis Henriques
luis.henriques at canonical.com
Tue Oct 21 16:14:22 UTC 2014
From: Andy Lutomirski <luto at amacapital.net>
Accessing do_remount_sb should require global CAP_SYS_ADMIN, but
only one of the two call sites was appropriately protected.
Fixes CVE-2014-7975.
Signed-off-by: Andy Lutomirski <luto at amacapital.net>
(cherry picked from commit a1480dcc3c706e309a88884723446f2e84fedd5b)
CVE-2014-7975
BugLink: http://bugs.launchpad.net/bugs/1383358
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
fs/namespace.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/namespace.c b/fs/namespace.c
index d6e1c030b961..cb83c66d5280 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1080,6 +1080,8 @@ static int do_umount(struct vfsmount *mnt, int flags)
* Special case for "unmounting" root ...
* we just try to remount it readonly.
*/
+ if (!capable(CAP_SYS_ADMIN))
+ return -EPERM;
down_write(&sb->s_umount);
if (!(sb->s_flags & MS_RDONLY))
retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
--
2.1.0
More information about the kernel-team
mailing list