CVE-2008-2931

Publication date 9 July 2008

Last updated 25 August 2025

Ubuntu priority

Cvss 3 Severity Score

Description

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

From the Ubuntu Security Team

The do_change_type routine did not correctly validation administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	8.04 LTS hardy	Not affected
	7.10 gutsy	Not in release
	7.04 feisty	Not in release
	6.06 LTS dapper	Not in release
linux-source-2.6.15	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	7.04 feisty	Not in release
	6.06 LTS dapper	Fixed 2.6.15-52.71
linux-source-2.6.20	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	7.04 feisty	Fixed 2.6.20-17.39
	6.06 LTS dapper	Not in release
linux-source-2.6.22	8.04 LTS hardy	Not in release
	7.10 gutsy	Not affected
	7.04 feisty	Not in release
	6.06 LTS dapper	Not in release

Severity score breakdown

CVSS version: CVSS v3.0

Base score 7.8 · High

Base metrics

Parameter	Value
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality impact	High
Integrity impact	High
Availability impact	High

Scores

Parameter	Value
Base score	7.8 · High
Exploitability score	-
Impact score	-

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Related Ubuntu Security Notices (USN)

USN-637-1
Linux kernel vulnerabilities
25 August 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2008-2931