Authorization Bypass

Linux kernel is vulnerable to authorization bypass. The ovlsetattr function in fs/overlayfs/inode.c attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2015-8660

CVE-2015-8660 targets the ovl_setattr path in Linux overlayfs (fs/overlayfs/inode.c) up to kernel 4.3.3. The issue arises from attempting to merge distinct setattr operations, allowing local users to bypass access restrictions and modify attributes of arbitrary overlay files via a crafted applica...

CVE-2015-8660

The ovlsetattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application...

CVE-2015-8660

The ovlsetattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application...