VYPR
Unrated severityNVD Advisory· Published Jun 23, 2014· Updated Jun 17, 2026

CVE-2014-4014

CVE-2014-4014

Description

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <3.14.8
    • (no CPE)range: <3.14.8

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.