Chroot Barrier Misconfiguration in Linux 2.4 Kernel by Debian
CVE-2005-4347

Currently unrated

Key Information:

Vendor: Debian
Status: Debian Linux; Kernel-patch-vserver
Vendor: CVE Published:; 31 December 2005

Summary

The vulnerability arises from an improper implementation of the 'chroot barrier' in the Linux 2.4 kernel when used with util-vserver. This flaw enables attackers to potentially access sensitive files on the host system, circumventing the intended restrictions of the virtual environment. It poses a significant risk as it allows unauthorized data exposure and manipulation, undermining the security principles of containment that virtualization technologies rely upon. Users of Debian GNU/Linux should be aware of this issue affecting specific versions of kernel-patch-vserver and util-vserver.

References

http://www.debian.org/security/2006/dsa-1011

vendor-advisoryx_refsource_DEBIAN

https://exchange.xforce.ibmcloud.com/vulnerabilities/25406

vdb-entryx_refsource_XF

http://secunia.com/advisories/19339

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 31, 2005
Vulnerability Reserved
Dec 19, 2005