[kernel-sec-discuss] r4623 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 6 12:54:22 UTC 2016
Author: carnil
Date: 2016-09-06 12:54:22 +0000 (Tue, 06 Sep 2016)
New Revision: 4623
Added:
retired/CVE-2016-1575
retired/CVE-2016-1576
Removed:
active/CVE-2016-1575
active/CVE-2016-1576
Log:
Retire now CVE-2016-157{5,6}
Deleted: active/CVE-2016-1575
===================================================================
--- active/CVE-2016-1575 2016-09-06 12:53:38 UTC (rev 4622)
+++ active/CVE-2016-1575 2016-09-06 12:54:22 UTC (rev 4623)
@@ -1,18 +0,0 @@
-Description: Privilege escalation through userns, overlay mounts and setgid flag
-References:
- http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/
-Notes:
- bwh> The exploit depends on unprivileged users being able to create user
- bwh> namespaces (disallowed by default in Debian) and being able to mount
- bwh> overlayfs within a user namespace (only allowed in Ubuntu). But it's
- bwh> possible that an administrator might accidentally set up a
- bwh> configuration that is exploitable.
- bwh> jessie is affected by a similar issue with aufs substituting for
- bwh> overlayfs.
-Bugs:
-upstream: released (4.5-rc1) [e9f57ebcba563e0cd532926cab83c92bb4d79360]
-3.16-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
-3.2-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
-sid: released (4.5.1-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Deleted: active/CVE-2016-1576
===================================================================
--- active/CVE-2016-1576 2016-09-06 12:53:38 UTC (rev 4622)
+++ active/CVE-2016-1576 2016-09-06 12:54:22 UTC (rev 4623)
@@ -1,18 +0,0 @@
-Description: Privilege escalation through overlay and FUSE mounts
-References:
- http://www.halfdog.net/Security/2016/OverlayfsOverFusePrivilegeEscalation/
-Notes:
- bwh> The exploit depends on unprivileged users being able to create user
- bwh> namespaces (disallowed by default in Debian) and being able to mount
- bwh> overlayfs and FUSE within a user namespace (only allowed in Ubuntu).
- bwh> But it's possible that an administrator might accidentally set up a
- bwh> configuration that is exploitable.
- bwh> jessie is affected by a similar issue with aufs substituting for
- bwh> overlayfs.
-Bugs:
-upstream: released (4.5-rc1) [e9f57ebcba563e0cd532926cab83c92bb4d79360]
-3.16-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
-3.2-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
-sid: released (4.5.1-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-1575 (from rev 4622, active/CVE-2016-1575)
===================================================================
--- retired/CVE-2016-1575 (rev 0)
+++ retired/CVE-2016-1575 2016-09-06 12:54:22 UTC (rev 4623)
@@ -0,0 +1,18 @@
+Description: Privilege escalation through userns, overlay mounts and setgid flag
+References:
+ http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/
+Notes:
+ bwh> The exploit depends on unprivileged users being able to create user
+ bwh> namespaces (disallowed by default in Debian) and being able to mount
+ bwh> overlayfs within a user namespace (only allowed in Ubuntu). But it's
+ bwh> possible that an administrator might accidentally set up a
+ bwh> configuration that is exploitable.
+ bwh> jessie is affected by a similar issue with aufs substituting for
+ bwh> overlayfs.
+Bugs:
+upstream: released (4.5-rc1) [e9f57ebcba563e0cd532926cab83c92bb4d79360]
+3.16-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
+3.2-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
+sid: released (4.5.1-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-1576 (from rev 4622, active/CVE-2016-1576)
===================================================================
--- retired/CVE-2016-1576 (rev 0)
+++ retired/CVE-2016-1576 2016-09-06 12:54:22 UTC (rev 4623)
@@ -0,0 +1,18 @@
+Description: Privilege escalation through overlay and FUSE mounts
+References:
+ http://www.halfdog.net/Security/2016/OverlayfsOverFusePrivilegeEscalation/
+Notes:
+ bwh> The exploit depends on unprivileged users being able to create user
+ bwh> namespaces (disallowed by default in Debian) and being able to mount
+ bwh> overlayfs and FUSE within a user namespace (only allowed in Ubuntu).
+ bwh> But it's possible that an administrator might accidentally set up a
+ bwh> configuration that is exploitable.
+ bwh> jessie is affected by a similar issue with aufs substituting for
+ bwh> overlayfs.
+Bugs:
+upstream: released (4.5-rc1) [e9f57ebcba563e0cd532926cab83c92bb4d79360]
+3.16-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
+3.2-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)"
+sid: released (4.5.1-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list