[ubuntu-hardened] Overlayfs over Fuse Privilege Escalation in USERNS.
daniel curtis
sidetripping at gmail.com
Tue Mar 1 18:55:37 UTC 2016
Hello.
I would like to ask a question about issues that could allow a local
unprivileged attacker to gain privileges etc. Generally, I mean these two
situations called, "Overlayfs over Fuse Privilege Escalation in USERNS",
described e.g. here:
* http://www.openwall.com/lists/oss-security/2016/02/24/7
* http://www.openwall.com/lists/oss-security/2016/02/24/8
If it is about "Trusty" or "Vivid" etc., releases, the status is: 'Fix
Released' while for "Precise" it is: 'New' with 'Importance: Medium' (see
Bug #1534961). There is an Ubuntu Security Notice (USN 2908-4) published on
February 26, 2016 (more: http://lwn.net/Articles/677951/).
CVE ID's: CVE-2016-1575 CVE-2016-1576.
LP: #1534961, #1535150.
Will there be available an update for the "Precise"? If yes, when?
Best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20160301/b6f10dc9/attachment.html>
More information about the ubuntu-hardened
mailing list