• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel 'do_change_type()' Local Security Bypass Vulnerability

The Linux kernel is prone to a local security-bypass vulnerability because the 'do_change_type()' routine fails to adequately verify user permissions before performing mountpoint type changes.

Attackers can exploit this issue to bypass security restrictions and change mountpoint types. Attackers could mark private mounts as sharable to gain access to potentially sensitive information. Other attacks are also possible.

Linux kernel 2.6.15-rc1 to 2.6.21 are vulnerable.