[wellylug] Major Ubuntu Linux Vulnerability - all current versions
Mark Foster
blakjak at blakjak.net
Wed Jun 17 11:28:59 NZST 2015
http://seclists.org/oss-sec/2015/q2/717
... "allows a local root privilege escalation in the default
configuration on all currently supported versions of Ubuntu. The
overlayfs filesystem does not correctly check file permissions when
creating new files in the upper filesystem directory. This can be
exploited by an unprivileged process in kernels with CONFIG_USER_NS=y
and where overlayfs has the FS_USERNS_MOUNT flag, which allows the
mounting of overlayfs inside unprivileged mount namespaces. This is the
default configuration of Ubuntu 12.04, 14.04, 14.10, and 15.04 [1]."
This could be something requiring a bit of attention. Heads-up.
There is a simple workaround if you're not using overlayfs, detailed at
the above URL.
Mark.
PS: Apol's for the cross-post.
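
Added example, not part of the original post or the linked advisory: a shell check for the two preconditions named in the quoted text, CONFIG_USER_NS=y and a registered overlayfs. It assumes the usual Ubuntu locations /boot/config-$(uname -r) and /proc/filesystems; the function names and status words are made up for this sketch, and the FS_USERNS_MOUNT flag itself is not visible in either file.

```shell
#!/bin/sh
# Added example: report whether the preconditions quoted above are present.
# Functions take file paths so copies collected from other hosts can be checked.

# user_ns_enabled CONFIG_FILE: succeeds if the kernel was built with CONFIG_USER_NS=y
user_ns_enabled() {
    grep -q '^CONFIG_USER_NS=y$' "$1"
}

# overlay_registered FILESYSTEMS_FILE: succeeds if overlayfs is registered.
# Lines look like "nodev<TAB>overlayfs"; the type name is the last field.
# "overlayfs" is the older Ubuntu name, "overlay" the upstream name.
overlay_registered() {
    awk '$NF == "overlayfs" || $NF == "overlay" { found = 1 }
         END { exit !found }' "$1"
}

# exposure_status CONFIG_FILE FILESYSTEMS_FILE: prints one status word
exposure_status() {
    if [ ! -r "$1" ] || [ ! -r "$2" ]; then
        echo "unknown"                  # cannot read an input: do not guess
    elif ! user_ns_enabled "$1"; then
        echo "no-userns"
    elif overlay_registered "$2"; then
        echo "preconditions-present"
    else
        # Only registered filesystems are listed; a module that is installed
        # but not yet loaded does not appear here.
        echo "overlay-not-registered"
    fi
}

# Check the running system only when invoked as: sh check.sh live
if [ "${1:-}" = "live" ]; then
    exposure_status "/boot/config-$(uname -r)" /proc/filesystems
fi
```

"preconditions-present" means both conditions from the quoted text hold on that host, not that the kernel is unpatched; confirm the installed kernel version against the vendor's fix separately.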