Linux kernel prepend_path Function Security Restriction Bypass Vulnerability (CVE-2015-2925)

Linux kernel prepend_path Function Security Restriction Bypass Vulnerability (CVE-2015-2925)
Linux kernel prepend_path Function Security Restriction Bypass Vulnerability (CVE-2015-2925)

Release date:
Updated on:

Affected Systems:

Linux kernel 〈 4.2.4

Description:

CVE (CAN) ID: CVE-2015-2925

Linux Kernel is the Kernel of the Linux operating system.

In versions earlier than Linux kernel 4.2.4, The prepend_path function in fs/dcache. c does not correctly process the RENAME operation in the binding and installation. After a local user renames the directory, the target container protection mechanism can be bypassed.

<* Source: Prasad J Pandit
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4
Https://bugzilla.redhat.com/show_bug.cgi? Id = 1209367
Http://pkgs.fedoraproject.org/cgit/kernel.git/commit? H = f22 & id = 520b64102de2f184036024b2a53de2b67463bd78
Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = cde93be45a8a90d8c776fab63487b5038a65
Https://github.com/torvalds/linux/commit/cde93be45a8a90d8c264c776fab63487b5038a65
Https://bugzilla.redhat.com/show_bug.cgi? Id = 1209373

Linux Kernel 4.2.2 compilation and installation tutorial

Ubuntu 15.10 will use the Linux Kernel 4.2 Kernel

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: