Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8660

Опубликовано: 28 дек. 2015
Источник: debian
EPSS Средний

Описание

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed4.3.3-3package
linuxnot-affectedjessiepackage
linuxnot-affectedwheezypackage
linux-2.6not-affectedpackage

Примечания

  • Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=acff81ec2c79492b180fade3c2894425cd35a545 (v4.4-rc4)

  • OverlayFS introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)

  • https://www.openwall.com/lists/oss-security/2015/12/23/5

EPSS

Процентиль: 98%
0.65916
Средний

Связанные уязвимости

ubuntu логотип

CVE-2015-8660

CVSS3: 6.7
ubuntu
больше 9 лет назад

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

redhat логотип

CVE-2015-8660

redhat
больше 9 лет назад

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

nvd логотип

CVE-2015-8660

CVSS3: 6.7
nvd
больше 9 лет назад

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

github логотип

GHSA-2m7p-qcqr-gfv2

CVSS3: 6.7
github
около 3 лет назад

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

oracle-oval логотип

ELSA-2016-3593

oracle-oval
почти 9 лет назад

ELSA-2016-3593: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 98%
0.65916
Средний