The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel up to and including 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |