Описание
The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure.
Ссылки
- Mailing ListMitigationThird Party Advisory
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- PatchRelease NotesVendor Advisory
- Mailing ListMitigationThird Party Advisory
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- PatchRelease NotesVendor Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
Связанные уязвимости
The open_by_handle_at function in vzkernel before 042stab090.5 in the ...
The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure.
EPSS
6.5 Medium
CVSS3
4.9 Medium
CVSS2