Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up

Related Vulnerabilities: CVE-2021-3847, CVE-2016-1575, CVE-2016-2853, CVE-2016-1576

oss-sec
mailing list archives

From: halfdog <me () halfdog net>

Date: Mon, 18 Oct 2021 17:52:51 +0000

Alon Zahavi writes:

After disclosing the issue with the linux-distros mailing list,
I am reporting the security issue publicly here. There is
no patch available and may not be available for a long time
because the kernel can't enforce the mitigation proposed, as
that would be a layering violation and could also possibly
cause a regression. This vulnerability was attached with
CVE-2021-3847. Here is the report that was initially sent:
...

Just funny, just hours before this mail I got 3 mails on different
overlayfs copy-up vulns, e.g.

"""
The Precise Pangolin has reached end of life, so this bug will not be
fixed for that release

** Changed in: linux (Ubuntu Precise)
       Status: New => Won't Fix

-- 
You received this bug notification because you are subscribed to the bug
report.
https://bugs.launchpad.net/bugs/1534961
"""
...

[Bug 1534961] Re: CVE-2016-1575
[Bug 1547400] Re: CVE-2016-2853
[Bug 1535150] Re: CVE-2016-1576

So it has been 5 years and not much has changed :-)

Overlayfs and the like, where a lower-privileged user can simultaneously
access lower/upper AND the mounted file system, is extremely dangerous
and prone to so many vulns that nobody should use/allow that.

hd
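
An added example, not part of the original message or of any project's code: a defensive audit that lists overlay mounts whose lower, upper or work directories are directly reachable by unprivileged users, the configuration the message above warns against. The reachability test is a heuristic (owner and o+x bits only; group permissions, ACLs and namespaces are ignored), layer paths are assumed absolute and free of ':' and ',', and all function names and the sample mount table are constructed.

```python
import os
import re

# Constructed sample in /proc/mounts format (not taken from the post).
SAMPLE_MOUNTS = (
    "/dev/sda1 / ext4 rw,relatime 0 0\n"
    "overlay /srv/merged overlay rw,lowerdir=/srv/l1:/srv/l2,"
    "upperdir=/srv/upper,workdir=/srv/work 0 0\n"
    "overlay /mnt/ro\\040view overlay ro,lowerdir=/opt/a:/opt/b 0 0\n"
)

def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as \NNN octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def overlay_layers(mounts_text):
    """Return {mountpoint: [layer directories]} for every overlay mount."""
    result = {}
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[2] != "overlay":
            continue
        dirs = []
        for opt in parts[3].split(","):
            key, _, value = opt.partition("=")
            if key in ("lowerdir", "upperdir", "workdir") and value:
                # lowerdir may stack several layers separated by ':'
                dirs += [_unescape(p) for p in value.split(":")]
        result[_unescape(parts[1])] = dirs
    return result

def _real_stat(path):
    st = os.stat(path)
    return st.st_mode, st.st_uid

def reachable_by_unprivileged(path, stat_fn=_real_stat):
    """Heuristic: non-root owner, or o+x on the directory and every ancestor."""
    if stat_fn(path)[1] != 0:
        return True
    while stat_fn(path)[0] & 0o001:
        if path == "/":
            return True
        path = os.path.dirname(path)
    return False

def audit(mounts_text, stat_fn=_real_stat):
    """Return {mountpoint: [layers an unprivileged user can reach directly]}."""
    hits = {m: [d for d in dirs if reachable_by_unprivileged(d, stat_fn)]
            for m, dirs in overlay_layers(mounts_text).items()}
    return {m: d for m, d in hits.items() if d}
```

On a live system, run as root in the host mount namespace and pass the contents of `/proc/mounts` to `audit()`; any mount it returns has a layer that an unprivileged user can touch underneath the merged view.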

Current thread:

CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Alon Zahavi (Oct 14)

Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up halfdog (Oct 18)

Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Miklos Szeredi (Oct 19)

Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Thadeu Lima de Souza Cascardo (Oct 19)

Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up Miklos Szeredi (Oct 20)
