CVE-2016-2853

HIGH

Linux Kernel < 3.19.8 - Improper Privilege Management

Title source: rule

Description

The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.

Exploits (1)

exploitdb WORKING POC

locallinux

https://www.exploit-db.com/exploits/41761

View Code ZIP pw:eip

References (5)

[Exploit, Third Party Advisory] http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/

[Exploit, Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/02/24/9

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2021/10/18/1

[Broken Link] http://www.securityfocus.com/bid/96839

[Third Party Advisory] https://sourceforge.net/p/aufs/mailman/message/34864744/

Scores

CVSS v3 7.8

EPSS 0.0022

EPSS Percentile 44.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269

Status published

Products (1)

linux/linux_kernel 3.0.0 - 3.19.8

Published May 02, 2016

Tracked Since Feb 18, 2026