13 matches found
CVE-2023-2640-CVE-2023-32629-Interactive-PoC
CVE-2023-2640 & CVE-2023-32629 GameOverLay - Real Host Root...
Astra Linux - vulnerability in Linux
The overlayfs implementation in the Linux kernel failed to properly validate, regarding user namespaces, the setting of file capabilities on files in the underlying file system. Due to the combination of unprivileged user namespaces and a patch carried in the Ubuntu kernel that allows unprivilege...
USN-8275-1 linux-xilinx-zynqmp vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
USN-8255-2: Linux kernel (Azure) vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
USN-8255-1: Linux kernel vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001104)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001104 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003384)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003384 advisory. An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003147)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003147 advisory. An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414573)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414573 advisory. A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain acce...
CVE-2021-3847
...
AZL-25742 CVE-2023-0386 affecting package kernel for versions less than 5.15.107.1-2
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...
DEBIAN-CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...
UBUNTU-CVE-2021-3847
A flaw allowing unauthorized access to the execution of a setuid file with capabilities was found in the Linux kernel OverlayFS subsystem, in the way a user copies a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system...