Description
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Exploits (1)
References (6)
Core 6
Core References
Patch, Vendor Advisory x_refsource_misc
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9f57ebcba563e0cd532926cab83c92bb4d79360
Third Party Advisory x_refsource_confirm
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1575.html
Exploit, Third Party Advisory x_refsource_misc
http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/02/24/7
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2021/10/18/1
Third Party Advisory x_refsource_confirm
https://launchpad.net/bugs/1534961
Scores
CVSS v3
7.8
EPSS
0.0053
EPSS Percentile
67.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (8)
canonical/ubuntu_core
15.04
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
15.10
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
16.10
canonical/ubuntu_touch
15.04
linux/linux_kernel
< 4.5.2
Published
May 02, 2016
Tracked Since
Feb 18, 2026