Medium severity5.5NVD Advisory· Published Oct 13, 2014· Updated Jun 17, 2026
CVE-2014-7970
CVE-2014-7970
Description
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*
- Range: <=3.17
Patches
Vulnerability mechanics
References
16- www.openwall.com/lists/oss-security/2014/10/08/21nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdMailing ListPatchVendor Advisory
- www.spinics.net/lists/linux-fsdevel/msg79153.htmlnvdExploitMailing ListPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.htmlnvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/70319nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1030991nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2419-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2420-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2513-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2514-1nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:1842nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2077nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/96921nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/60174nvdBroken Link
- secunia.com/advisories/61142nvdBroken Link
News mentions
0No linked articles in our index yet.