amar-imamovic

CVE-2023-2640 NOMISEC HIGH WORKING POC

GameOver(lay) Privilege Escalation and Container Escape

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.

CVSS 7.8

View Code

CVE-2023-32629 VULNCHECK_XDB HIGH WORKING POC

Ubuntu Linux - Local Privilege Escalation via OverlayFS Permission Check Bypass

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels

CVSS 7.8

View Code