CVE-2014-3519

MEDIUM

vzkernel < 042stab090.5 - Unauthorized File Access via open_by_handle_at

Title source: llm
STIX 2.1

Description

The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/68171
Mailing List, Mitigation, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/06/24/16
Patch, Release Notes, Vendor Advisory x_refsource_confirm
https://openvz.org/Download/kernel/rhel6/042stab090.5

Scores

CVSS v3 6.5
EPSS 0.0044
EPSS Percentile 35.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Details

CWE
CWE-284
Status published
Products (1)
openvz/vzkernel 2.6.32
Published Feb 01, 2018
Tracked Since Feb 18, 2026