Skip to content

Commit

Permalink
fs: Add a missing permission check to do_umount
Browse files Browse the repository at this point in the history 
Accessing do_remount_sb should require global CAP_SYS_ADMIN, but
only one of the two call sites was appropriately protected.

Fixes CVE-2014-7975.

Signed-off-by: Andy Lutomirski <luto@amacapital.net>
  • Loading branch information
Andy Lutomirski committed Oct 8, 2014
1 parent bfe01a5 commit a1480dc
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions fs/namespace.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1356,6 +1356,8 @@ static int do_umount(struct mount *mnt, int flags)
* Special case for "unmounting" root ...
* we just try to remount it readonly.
*/
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
down_write(&sb->s_umount);
if (!(sb->s_flags & MS_RDONLY))
retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
Expand Down

0 comments on commit a1480dc

Please sign in to comment.