[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] [CVE-2021-3493] Ubuntu Linux kernel overlayfs fs caps privilege escalation
From: Steve Beattie <steve.beattie () canonical ! com>
Date: 2021-04-16 15:04:50
Message-ID: 20210416150450.GC5315 () nxnw ! org
[Download RAW message or body]
On Fri, Apr 16, 2021 at 04:53:50PM +0200, Salvatore Bonaccorso wrote:
> Hi Steve,
>
> On Thu, Apr 15, 2021 at 02:31:14PM -0700, Steve Beattie wrote:
> > Hello,
> >
> > An independent security researcher reported via the SSD Secure
> > Disclosure program that the overlayfs stacking file system within the
> > Linux kernel as used within Ubuntu did not properly validate the
> > application of file capabilities against user namespaces.
> >
> > This issue is likely Ubuntu specific, as Ubuntu carries a patch to
> > enable unprivileged overlayfs mounts. The combination of that patch
> > plus allowing unprivileged user namespaces by default in Ubuntu allows
> > an unprivileged attacker to gain elevated privileges.
> >
> > A commit that addresses the issue was applied in the upstream kernel:
> >
> > 7c03e2cda4a5 ("vfs: move cap_convert_nscap() call into vfs_setxattr()") (v5.10)
>
> For completeness, this though was in v5.11-rc1 right?
Yes, sorry, thanks for the correction.
--
Steve Beattie
<sbeattie@ubuntu.com>
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic