Unrated severityNVD Advisory· Published Jun 23, 2014· Updated Jun 17, 2026
CVE-2014-4014
CVE-2014-4014
Description
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
10- secunia.com/advisories/59220nvdThird Party Advisory
- www.exploit-db.com/exploits/33824nvdThird Party AdvisoryVDB Entry
- www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8nvdVendor Advisory
- www.openwall.com/lists/oss-security/2014/06/10/4nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/67988nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1030394nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- github.com/torvalds/linux/commit/23adbe12ef7d3d4195e80800ab36b37bee28cd03nvdThird Party Advisory
- source.android.com/security/bulletin/2016-12-01.htmlnvdThird Party Advisory
- git.kernel.orgnvd
News mentions
0No linked articles in our index yet.