CVE-2012-0055

HIGH

Linux Kernel < 3.0.0 - Missing Authorization

Title source: rule

Description

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Gary Poster · bash · local · linux
https://www.exploit-db.com/exploits/36571

Scores

CVSS v3 7.8
EPSS 0.0039
EPSS Percentile 60.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-862
Status published
Products (3)
canonical/ubuntu_linux 10.04
canonical/ubuntu_linux 11.10
linux/linux_kernel < 3.0.0
Published Feb 19, 2020
Tracked Since Feb 18, 2026