CVE-2015-1328 – overlayfs privilege escalation

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

Canonical Ubuntu 14.04 LTS with 3.16 kernel

Description

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

Affected Products and Versions

Severity is high unless otherwise noted.

Any Cloud Foundry deployment with Ubuntu Trusty BOSH stemcell prior to version 2989

Mitigation

Users of affected versions should apply the following mitigation:

The Cloud Foundry project recommends upgrading to BOSH 2989 stemcell or later for all Cloud Foundry deployments.

Credit

Philip Pettersson

References

http://www.ubuntu.com/usn/usn-2646-1/
https://bosh.io/stemcells
https://github.com/cloudfoundry/cf-release

CVE-2015-1328 – overlayfs privilege escalation

Severity

Vendor

Versions Affected

Description

Affected Products and Versions

Mitigation

Credit

References

You Might Also Like

USN-4255-2: Linux kernel (HWE) vulnerabilities

CVE-2016-6651 Privilege Escalation in UAA

USN-3777-2: Linux kernel (HWE) vulnerabilities

Sign up for the Cloud Foundry Newsletter today!

Sign up for the
Cloud Foundry Newsletter today!