The overlayfs implementation in the linux (aka Linux kernel) package prior to 3.19.0-21.21 in Ubuntu up to and including 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux |
||
linux linux kernel |