CVE-2014-3519 - OpenCVE

The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:C/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Openvz	Vzkernel

Configuration 1 [-]

cpe:2.3:o:openvz:vzkernel:2.6.32:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2014/06/24/16
http://www.securityfocus.com/bid/68171
https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-
https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update
https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update
https://openvz.org/Download/kernel/rhel6/042stab090.5

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-02-01T17:00:00

Updated: 2024-08-06T10:50:16.607Z

Reserved: 2014-05-14T00:00:00

Link: CVE-2014-3519

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-02-01T17:29:00.633

Modified: 2018-02-27T18:37:22.923

Link: CVE-2014-3519

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-06-24T00:00:00", "descriptions": [{"lang": "en", "value": "The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-02-01T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "68171", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/68171"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update"}, {"name": "[oss-security] 20140624 OpenVZ simfs container filesystem breakout", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/06/24/16"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://openvz.org/Download/kernel/rhel6/042stab090.5"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3519", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "68171", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68171"}, {"name": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update", "refsource": "CONFIRM", "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update"}, {"name": "[oss-security] 20140624 OpenVZ simfs container filesystem breakout", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/06/24/16"}, {"name": "https://openvz.org/Download/kernel/rhel6/042stab090.5", "refsource": "CONFIRM", "url": "https://openvz.org/Download/kernel/rhel6/042stab090.5"}, {"name": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-", "refsource": "CONFIRM", "url": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-"}, {"name": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update", "refsource": "CONFIRM", "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:50:16.607Z"}, "title": "CVE Program Container", "references": [{"name": "68171", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/68171"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update"}, {"name": "[oss-security] 20140624 OpenVZ simfs container filesystem breakout", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/06/24/16"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://openvz.org/Download/kernel/rhel6/042stab090.5"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3519", "datePublished": "2018-02-01T17:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:16.607Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:openvz:vzkernel:2.6.32:*:*:*:*:*:*:*", "matchCriteriaId": "C297A326-053E-4AC0-9A82-18C75CE81808", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure."}, {"lang": "es", "value": "La funci\u00f3n open_by_handle_at en vzkernel en versiones anteriores a la 042stab090.5 en la modificaci\u00f3n OpenVZ para el kernel de Linux en su versi\u00f3n 2.6.32, cuando se utiliza simfs, podr\u00eda permitir que los contenedores de usuarios locales con la caracter\u00edstica CAP_DAC_READ_SEARCH omitan un mecanismo de protecci\u00f3n de contenedores y accedan a archivos arbitrarios en un sistema de archivos mediante vectores relacionados con el uso de la estructura file_handle."}], "id": "CVE-2014-3519", "lastModified": "2018-02-27T18:37:22.923", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-01T17:29:00.633", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Mitigation", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/06/24/16"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/68171"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Release Notes", "Vendor Advisory"], "url": "https://openvz.org/Download/kernel/rhel6/042stab090.5"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}