|Description||nfsd in the Linux kernel before 188.8.131.52 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)|
|NVD severity||medium (attack range: local)|
The information below is based on the following data on fixed versions.
[etch] - linux-2.6 <not-affected> (Issue was introduced after 2.6.24 release)
- linux-2.6.24 <not-affected> (Issue was introduced after 2.6.24 release)