VYPR
Unrated severityNVD Advisory· Published Aug 18, 2014· Updated Jun 17, 2026

CVE-2014-5206

CVE-2014-5206

Description

The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*+ 1 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=3.8,<3.10.55
    • (no CPE)range: <=3.16.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.