Privilege Escalation Vulnerability in OverlayFS on Linux Kernel by The Linux Foundation
CVE-2016-1576

7.8HIGH

Key Information:

Vendor

Canonical

Status
Ubuntu Touch
Ubuntu Linux
Ubuntu Core
Vendor
CVE Published:
2 May 2016

What is CVE-2016-1576?

The OverlayFS implementation in the Linux kernel up to version 4.5.2 has a flaw that fails to appropriately restrict the mount namespace. This weakness allows local users to potentially gain elevated privileges. By mounting an OverlayFS filesystem atop a FUSE filesystem and executing a crafted setuid program, attackers can exploit this vulnerability to escalate their privileges.

References

https://launchpadlibrarian.net/235300093/0005-overlayfs-B...
x_refsource_MISC
https://launchpadlibrarian.net/235300225/0006-overlayfs-P...
x_refsource_MISC
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linu...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-1576 : Privilege Escalation Vulnerability in OverlayFS on Linux Kernel by The Linux Foundation