Rapid7 Vulnerability & Exploit Database

F5 Networks: K31026324 (CVE-2015-2925): Linux kernel vulnerabilities CVE-2015-2925, CVE-2015-5307, and CVE-2015-8104

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

F5 Networks: K31026324 (CVE-2015-2925): Linux kernel vulnerabilities CVE-2015-2925, CVE-2015-5307, and CVE-2015-8104

Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
11/16/2015
Created
07/25/2018
Added
02/16/2017
Modified
02/01/2018

Description

The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."

Solution(s)

  • f5-big-ip-upgrade-latest

References

  • https://support.f5.com/csp/article/K31026324
  • SUSE-SU-2015:2194
  • SUSE-SU-2015:2292
  • SUSE-SU-2016:0335
  • SUSE-SU-2016:0337
  • SUSE-SU-2016:0380
  • SUSE-SU-2016:0381
  • SUSE-SU-2016:0383
  • SUSE-SU-2016:0384
  • SUSE-SU-2016:0386
  • SUSE-SU-2016:0387
  • SUSE-SU-2016:0434
  • RHSA-2015:2636
  • RHSA-2016:0068
  • DLA-325-1
  • DSA-3364
  • DSA-3372
  • 73926
  • USN-2792-1
  • USN-2794-1
  • USN-2795-1
  • USN-2796-1
  • USN-2797-1
  • USN-2798-1
  • USN-2799-1
  • CVE-2015-2925
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;