CVE-2015-8660

Updated: 2023-12-06

CWE: Permissions, Privileges, and Access Control

Description:

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

CVSS3: 6.7


Vendor State

OS Vendor version Errata
RHEL 7 3.10.0-327.28.2.el7 RHSA-2016:1539
CentOS 7 3.10.0-327.28.2.el7 CESA-2016:1539
CentOS 7 plus 3.10.0-327.28.2.el7.centos.plus CESA-2016:1539
Oracle Linux 7 3.10.0-327.28.2.el7 ELSA-2016-1539

KernelCare State

OS Original kernel version State
RHEL 7
3.10.0-229.el7 show all hide all
3.10.0-327.18.2.el7 3.10.0-229.14.1.el7 3.10.0-327.4.5.el7 3.10.0-327.3.1.el7 3.10.0-327.13.1.el7 3.10.0-327.4.4.el7 3.10.0-327.22.2.el7 3.10.0-229.4.2.el7 3.10.0-229.7.2.el7 3.10.0-327.10.1.el7 3.10.0-327.el7 3.10.0-229.11.1.el7 3.10.0-229.20.1.el7 3.10.0-229.1.2.el7
Released
CentOS 7
3.10.0-327.3.1.el7 show all hide all
3.10.0-229.7.2.el7 3.10.0-229.11.1.el7 3.10.0-229.el7 3.10.0-327.10.1.el7 3.10.0-229.4.2.el7 3.10.0-327.el7 3.10.0-327.22.2.el7 3.10.0-327.18.2.el7 3.10.0-229.14.1.el7 3.10.0-327.13.1.el7 3.10.0-327.4.4.el7 3.10.0-229.20.1.el7 3.10.0-229.1.2.el7 3.10.0-327.4.5.el7
Released
CentOS 7 plus
3.10.0-229.14.1.el7.centos.plus show all hide all
3.10.0-229.7.2.el7.centos.plus 3.10.0-327.22.2.el7.centos.plus 3.10.0-229.el7.centos.plus 3.10.0-327.10.1.el7.centos.plus 3.10.0-229.4.2.el7.centos.plus 3.10.0-229.1.2.el7.centos.plus 3.10.0-327.13.1.el7.centos.plus 3.10.0-327.4.4.el7.centos.plus 3.10.0-327.18.2.el7.centos.plus 3.10.0-229.11.1.el7.centos.plus 3.10.0-229.20.1.el7.centos.plus 3.10.0-327.el7.centos.plus 3.10.0-327.3.1.el7.centos.plus 3.10.0-327.4.5.el7.centos.plus
Released
Oracle Linux 7
3.10.0-229.7.2.el7 show all hide all
3.10.0-229.1.2.el7 3.10.0-229.4.2.el7 3.10.0-229.el7 3.10.0-327.4.5.el7 3.10.0-229.11.1.el7 3.10.0-327.18.2.el7 3.10.0-327.3.1.el7 3.10.0-327.10.1.el7 3.10.0-327.13.1.el7 3.10.0-327.4.4.el7 3.10.0-327.22.2.el7 3.10.0-229.14.1.el7 3.10.0-327.el7 3.10.0-229.20.1.el7
Released
CloudLinux OS 7
3.10.0-329.7.2.lve1.3.50.el7 show all hide all
3.10.0-329.7.2.lve1.3.55.el7 3.10.0-329.7.2.lve1.3.58.el7 3.10.0-329.7.2.lve1.4.2.el7 3.10.0-329.7.2.lve1.4.4.el7
Released
OEL 7 Dell
Ready For Release
Endurance 7 eig 3.10
Ready For Release
Debian 10 cloud
Will Not Fix
Debian 9 backports
Will Not Fix