CVE-2008-2931
published 2008-07-09CVE-2008-2931: The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| linux | linux_kernel | < 2.6.22 | 2.6.22 |
| novell | suse_linux_enterprise_desktop | — | — |
| novell | suse_linux_enterprise_server | — | — |
| opensuse | opensuse | 10.3 – 11.0 | — |