The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
canonical ubuntu touch 15.04 |
||
canonical ubuntu linux 15.10 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 16.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu core 15.04 |