mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-02 19:53:47 +00:00
886 B
886 B
CVE-2014-8989
Description
The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c.
POC
Reference
No PoCs from references.