Wind River Support Network

HomeDefectsLIN8-2471

Fixed

LIN8-2471 : Security Advisory - linux - CVE-2015-8709

Created: Jan 13, 2016 Updated: Dec 3, 2018

Resolved Date: Sep 8, 2017

Found In Version: 8.0

Fix Version: 8.0.0.22

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Kernel

Description

Linux kernel built with the User Namespaces(CONFIG_USER_NS) support is vulnerable to a potential privilege escalation flaw. It could occur when a root owned process tries to enter a user namespace, wherein a user attempts to attach the entering process via ptrace(1). A privileged name space user could use this flaw to potentially escalate their privileges on the system.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8709

Other Downloads

Wind River Linux 8.0.0.22
Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2015-8709