CVE-2014-1421
First published: Tue Nov 25 2014(Updated: )
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.
Credit: security@ubuntu.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ubuntu | =14.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-1421?
CVE-2014-1421 is classified as a medium severity vulnerability.
How do I fix CVE-2014-1421?
To fix CVE-2014-1421, you should update to the latest Ubuntu release or apply the available patches for mountall.
What vulnerabilities are related to CVE-2014-1421?
CVE-2014-1421 primarily relates to local access control issues and privilege escalation.
Who is affected by CVE-2014-1421?
CVE-2014-1421 affects local users of Ubuntu 14.10 who have access to the mount utility.
What are the potential risks of CVE-2014-1421?
The potential risks of CVE-2014-1421 include unauthorized file system access and the ability for local users to bypass intended access restrictions.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/14.10