AppArmor Policy Bypass in Ubuntu 14.04 Affected by Miscompilation Flaw
CVE-2014-1424

Currently unrated

Key Information:

Vendor: Canonical
Status: Ubuntu; Apparmor
Vendor: CVE Published:; 24 November 2014

Summary

The apparmor_parser in the AppArmor package prior to version 2.8.95~2430-0ubuntu5.1 on Ubuntu 14.04 contains a flaw that may allow attackers to bypass security policies. This vulnerability arises from unspecified vectors associated with a miscompilation flaw, which could lead to execution of unauthorized commands or access to sensitive information without proper permissions.

References

http://www.ubuntu.com/usn/USN-2413-1

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
Nov 24, 2014
Vulnerability Reserved
Jan 13, 2014