ubuntu-translations-coordinators team mailing list archive
Message #09643
[Bug 1547400] [NEW] CVE-2016-2853
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug:
When the aufs module is loaded with "modprobe aufs allow_userns", an
unprivileged user can use xattrs on the working directory or aufs mount
over a fuse mount to create SUID/SGID binaries, thus escalating
privileges. These errors are quite similar to those on overlayfs:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1535150
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1534961
aufs developers have already confirmed and issued a fix:
https://sourceforge.net/p/aufs/mailman/message/34864744/
Specific reproducers can be found at:
http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
InvitedOnly AkgY8iqF
# lsb_release -rd
Description:    Ubuntu 15.10
Release:        15.10

# apt-cache policy linux-image-4.2.0-27-generic
linux-image-4.2.0-27-generic:
  Installed: 4.2.0-27.32
  Candidate: 4.2.0-27.32
  Version table:
 *** 4.2.0-27.32 0
        500 http://archive.ubuntu.com/ubuntu/ wily-updates/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu/ wily-security/main amd64 Packages
        100 /var/lib/dpkg/status
** Affects: ubuntu-translations
Importance: Undecided
Status: New
** Affects: linux (Ubuntu)
Importance: Low
Status: Confirmed
** Affects: linux-armadaxp (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-flo (Ubuntu)
Importance: Low
Status: New
** Affects: linux-goldfish (Ubuntu)
Importance: Low
Status: New
** Affects: linux-lts-quantal (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-raring (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-trusty (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-utopic (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-vivid (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-wily (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-lts-xenial (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-mako (Ubuntu)
Importance: Low
Status: New
** Affects: linux-manta (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux-raspi2 (Ubuntu)
Importance: Low
Status: New
** Affects: linux-snapdragon (Ubuntu)
Importance: Low
Status: New
** Affects: linux-ti-omap4 (Ubuntu)
Importance: Low
Status: Invalid
** Affects: linux (Ubuntu Precise)
Importance: Low
Status: New
** Affects: linux-armadaxp (Ubuntu Precise)
Importance: Low
Status: New
** Affects: linux-flo (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-goldfish (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-quantal (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-trusty (Ubuntu Precise)
Importance: Low
Status: New
** Affects: linux-lts-utopic (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-vivid (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-wily (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-lts-xenial (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-mako (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-manta (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-raspi2 (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-snapdragon (Ubuntu Precise)
Importance: Low
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Precise)
Importance: Low
Status: New
** Affects: linux (Ubuntu Trusty)
Importance: Low
Status: New
** Affects: linux-armadaxp (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-flo (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-goldfish (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-lts-quantal (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-lts-trusty (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-lts-utopic (Ubuntu Trusty)
Importance: Low
Status: New
** Affects: linux-lts-vivid (Ubuntu Trusty)
Importance: Low
Status: New
** Affects: linux-lts-wily (Ubuntu Trusty)
Importance: Low
Status: New
** Affects: linux-lts-xenial (Ubuntu Trusty)
Importance: Low
Status: New
** Affects: linux-mako (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-manta (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-raspi2 (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-snapdragon (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Trusty)
Importance: Low
Status: Invalid
** Affects: linux (Ubuntu Wily)
Importance: Low
Status: New
** Affects: linux-armadaxp (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-flo (Ubuntu Wily)
Importance: Low
Status: New
** Affects: linux-goldfish (Ubuntu Wily)
Importance: Low
Status: New
** Affects: linux-lts-quantal (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-trusty (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-utopic (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-vivid (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-wily (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-lts-xenial (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-mako (Ubuntu Wily)
Importance: Low
Status: New
** Affects: linux-manta (Ubuntu Wily)
Importance: Low
Status: New
** Affects: linux-raspi2 (Ubuntu Wily)
Importance: Low
Status: New
** Affects: linux-snapdragon (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Wily)
Importance: Low
Status: Invalid
** Affects: linux (Ubuntu Xenial)
Importance: Low
Status: Confirmed
** Affects: linux-armadaxp (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-flo (Ubuntu Xenial)
Importance: Low
Status: New
** Affects: linux-goldfish (Ubuntu Xenial)
Importance: Low
Status: New
** Affects: linux-lts-quantal (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-trusty (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-utopic (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-vivid (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-wily (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-lts-xenial (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-mako (Ubuntu Xenial)
Importance: Low
Status: New
** Affects: linux-manta (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux-raspi2 (Ubuntu Xenial)
Importance: Low
Status: New
** Affects: linux-snapdragon (Ubuntu Xenial)
Importance: Low
Status: New
** Affects: linux-ti-omap4 (Ubuntu Xenial)
Importance: Low
Status: Invalid
** Affects: linux (Ubuntu Yakkety)
Importance: Low
Status: Confirmed
** Affects: linux-armadaxp (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-flo (Ubuntu Yakkety)
Importance: Low
Status: New
** Affects: linux-goldfish (Ubuntu Yakkety)
Importance: Low
Status: New
** Affects: linux-lts-quantal (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-trusty (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-utopic (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-vivid (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-wily (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-lts-xenial (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-mako (Ubuntu Yakkety)
Importance: Low
Status: New
** Affects: linux-manta (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Affects: linux-raspi2 (Ubuntu Yakkety)
Importance: Low
Status: New
** Affects: linux-snapdragon (Ubuntu Yakkety)
Importance: Low
Status: New
** Affects: linux-ti-omap4 (Ubuntu Yakkety)
Importance: Low
Status: Invalid
** Tags: kernel-cve-skip-description kernel-cve-tracking-bug kernel-da-key
--
CVE-2016-2853
https://bugs.launchpad.net/bugs/1547400
You received this bug notification because you are a member of Ubuntu Translations Coordinators, which is subscribed to Ubuntu Translations.