Lucene search
K

27 matches found

bdu_fstec
bdu_fstec
added 2021/10/05 12:0 a.m.6 views

The vulnerability of the overlayfs component in the Linux operating system’s kernel allows for insecure privilege management. This enables attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the overlayfs component in the Linux operating system’s kernel involves ignoring user name spaces when configuring file permissions in the underlying file system. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, a...

7.8CVSS6.9AI score0.43988EPSS
Exploits27References11Affected Software3
osv
osv
added 2021/05/03 7:36 a.m.14 views

LSN-0076-1 Kernel Live Patch Security Notice

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges.CVE-2021-3493 Piotr Krysiuk discovered that the BPF JIT compil...

8.8CVSS8.3AI score0.43988EPSS
Exploits27References3
gitee
gitee
added 2021/04/25 4:5 p.m.6 views

Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux

PoC exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu OverlayFS. The target is the Linux kernel, specifically the overlayfs file system, which did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker coul...

8.8CVSS7AI score0.43988EPSS
Exploits27
ptsecurity
ptsecurity
added 2021/04/12 12:0 a.m.13 views

PT-2021-4253

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to the fixed version Description The overlayfs implementation in the Linux kernel did not properly validate the setting of file capabilities on files in an underlying file system with respect to user namespaces. Thi...

8.8CVSS7.2AI score0.43988EPSS
Exploits28References70
osv
osv
added 2016/05/02 10:59 a.m.7 views

CVE-2016-1575

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

7.8CVSS7.4AI score0.00923EPSS
Exploits2References6
osv
osv
added 2016/01/05 9:3 p.m.4 views

USN-2857-2 linux-lts-vivid vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...

7.2CVSS6.7AI score0.22374EPSS
Exploits12References2
exploitpack
exploitpack
added 2015/06/16 12:0 a.m.56 views

Linux Kernel 3.13.0 3.19 (Ubuntu 12.0414.0414.1015.04) - overlayfs Local Privilege Escalation (Access etcshadow)

Linux Kernel 3.13.0 3.19 Ubuntu 12.0414.0414.1015.04 - overlayfs Local Privilege Escalation Access etcshadow The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels wi...

7.2CVSS0.7AI score0.37679EPSS
Exploits22
Rows per page
Query Builder