Описание
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Press/Media CoverageThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Mailing ListPatchThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Press/Media CoverageThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Mailing ListPatchThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- US Government Resource
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
The overlayfs implementation in the linux kernel did not properly vali ...
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Уязвимость компонента overlayfs ядра операционной системы Linux, связанная с небезопасным управлением привилегиями, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
8.8 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2