Upstream information

CVE-2013-1957 at MITRE


The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.7
Vector AV:L/AC:M/Au:N/C:C/I:N/A:N
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact None
Availability Impact None

Note from the SUSE Security Team

This problem only affected Linux kernel 3.8 and was not backported to older code branches. So no SUSE Linux Enterprise version was affected.

SUSE Bugzilla entries: 825001 [CLOSED / UPSTREAM], 825003 [RESOLVED / UPSTREAM]

No SUSE Security Announcements cross referenced.