{
  "modified": "2025-08-09T19:01:26Z",
  "published": "2013-04-24T19:55:01Z",
  "id": "CVE-2013-1957",
  "details": "The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace.",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/torvalds/linux/commit/132c94e31b8bca8ea921f9f96a57d684fa4ae0a9"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=132c94e31b8bca8ea921f9f96a57d684fa4ae0a9"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/04/16/11"
    }
  ]
}