From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from out02.mta.xmission.com ([166.70.13.232]:60513 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755107AbdJIPvD (ORCPT ); Mon, 9 Oct 2017 11:51:03 -0400 From: ebiederm@xmission.com (Eric W. Biederman) To: Ben Hutchings Cc: Thomas Deutschmann , "stable\@vger.kernel.org" , luto@amacapital.net References: <1507495372.2677.90.camel@decadent.org.uk> Date: Mon, 09 Oct 2017 10:50:40 -0500 In-Reply-To: <1507495372.2677.90.camel@decadent.org.uk> (Ben Hutchings's message of "Sun, 08 Oct 2017 21:42:52 +0100") Message-ID: <87o9pg5nhr.fsf@xmission.com> MIME-Version: 1.0 Content-Type: text/plain Subject: Re: Patch "mnt: Prevent pivot_root from creating a loop in the mount tree" (CVE-2014-7970) is missing in 3.2 stable tree Sender: stable-owner@vger.kernel.org List-ID: Ben Hutchings writes: > On Wed, 2016-11-23 at 03:04 +0100, Thomas Deutschmann wrote: >> Hi, >> >> the following patch was backported to the following LTS kernels >> >> - >=3.16.35 >> - >=3.12.33 >> - >=3.10.60 >> - >=3.4.106 >> >> >> however it is missing from LTS kernels >> >> - linux-3.2 > [...] > > pivot_root() is only available with CAP_SYS_ADMIN, and 3.2 doesn't > support capabilities in user namespaces. So I don't believe this has > any security impact. Agreed. It will prevent root shooting themselves in the foot, in a way that should never have been allowed. There is no danger of an unprivileged user triggering this. If the patch applies cleanly to 3.2 it won't hurt and may help. But for 3.2 it would be just an ordinary bug fix. Eric