127 matches found
CVE-2019-15793
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...
Design/Logic Flaw
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...
Design/Logic Flaw
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...
Design/Logic Flaw
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace calls fdgetoldfd, then without further checks passes the resulting file into shiftfsrealfdget, which casts file-privatedata, a void that points to a filesystem-depende...
Input validation
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...
CVE-2019-15794
CVE-2019-15794 describes a refcount underflow in the overlayfs/shiftfs error path when used with aufs patches. Specifically, both the Overlayfs and shiftfs patches in the Ubuntu 5.0 and 5.3 kernel series replace vma->vm_file in mmap handlers, and on error do not restore the original value; the...
CVE-2019-15794 Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...
CVE-2019-15792
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace calls fdgetoldfd, then without further checks passes the resulting file into shiftfsrealfdget, which casts file-privatedata, a void that points to a filesystem-depende...
CVE-2019-15793
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...
CVE-2019-15792 Type confusion in shiftfs
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace calls fdgetoldfd, then without further checks passes the resulting file into shiftfsrealfdget, which casts file-privatedata, a void that points to a filesystem-depende...
CVE-2019-15792
CVE-2019-15792 affects the shiftfs implementation in Ubuntu's kernel series (5.0 and 5.3), where shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd) and passes the resulting file* to shiftfs_real_fdget(), casting file->private_data (a void*) to a struct shiftfs_file_info *. Since private_data ...
CVE-2019-15793
CVE-2019-15793 concerns a shiftfs issue in Ubuntu’s patched Linux kernel (5.0/5.3). The bug translated user/group IDs to init_user_ns instead of the lower filesystem’s s_user_ns, risking bypass of discretionary access control. Consequence: local attacker could exploit the mis-translation to acces...
CVE-2019-15793 Mishandling of file-system uid/gid with namespaces in shiftfs
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...
CVE-2019-15791 Reference count underflow in shiftfs
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...
CVE-2019-15791
CVE-2019-15791 describes a refcount underflow in the Linux kernel shiftfs implementation caused by a non-upstream patch in Ubuntu 5.0/5.3 kernels: shiftfs_btrfs_ioctl_fd_replace() can create a file descriptor to a lower-filesystem file without an extra reference, and closing the FD after the btrf...
CVE-2019-15791
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...
The vulnerability of the shiftfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the shiftfs component in the Linux operating system’s kernel is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the shiftfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the shiftfs component in the Linux operating system’s kernel is related to a data type conversion error. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the shiftfs component in the Linux operating system’s kernel allows a hacker to increase their privileges.
The vulnerability of the shiftfs component in the Linux operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4209-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4209-1 advisory. Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operatio...