Updated: 2023-12-06
CWE: Permissions, Privileges, and Access Control
Description:
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
CVSS3: 6.7
OS | Vendor version | Errata |
---|---|---|
RHEL 7 | 3.10.0-327.28.2.el7 | RHSA-2016:1539 |
CentOS 7 | 3.10.0-327.28.2.el7 | CESA-2016:1539 |
CentOS 7 plus | 3.10.0-327.28.2.el7.centos.plus | CESA-2016:1539 |
Oracle Linux 7 | 3.10.0-327.28.2.el7 | ELSA-2016-1539 |
OS | Original kernel version | State |
---|---|---|
RHEL 7 |
3.10.0-229.el7
show all
hide all
3.10.0-327.18.2.el7
3.10.0-229.14.1.el7
3.10.0-327.4.5.el7
3.10.0-327.3.1.el7
3.10.0-327.13.1.el7
3.10.0-327.4.4.el7
3.10.0-327.22.2.el7
3.10.0-229.4.2.el7
3.10.0-229.7.2.el7
3.10.0-327.10.1.el7
3.10.0-327.el7
3.10.0-229.11.1.el7
3.10.0-229.20.1.el7
3.10.0-229.1.2.el7
|
Released |
CentOS 7 |
3.10.0-327.3.1.el7
show all
hide all
3.10.0-229.7.2.el7
3.10.0-229.11.1.el7
3.10.0-229.el7
3.10.0-327.10.1.el7
3.10.0-229.4.2.el7
3.10.0-327.el7
3.10.0-327.22.2.el7
3.10.0-327.18.2.el7
3.10.0-229.14.1.el7
3.10.0-327.13.1.el7
3.10.0-327.4.4.el7
3.10.0-229.20.1.el7
3.10.0-229.1.2.el7
3.10.0-327.4.5.el7
|
Released |
CentOS 7 plus |
3.10.0-229.14.1.el7.centos.plus
show all
hide all
3.10.0-229.7.2.el7.centos.plus
3.10.0-327.22.2.el7.centos.plus
3.10.0-229.el7.centos.plus
3.10.0-327.10.1.el7.centos.plus
3.10.0-229.4.2.el7.centos.plus
3.10.0-229.1.2.el7.centos.plus
3.10.0-327.13.1.el7.centos.plus
3.10.0-327.4.4.el7.centos.plus
3.10.0-327.18.2.el7.centos.plus
3.10.0-229.11.1.el7.centos.plus
3.10.0-229.20.1.el7.centos.plus
3.10.0-327.el7.centos.plus
3.10.0-327.3.1.el7.centos.plus
3.10.0-327.4.5.el7.centos.plus
|
Released |
Oracle Linux 7 |
3.10.0-229.7.2.el7
show all
hide all
3.10.0-229.1.2.el7
3.10.0-229.4.2.el7
3.10.0-229.el7
3.10.0-327.4.5.el7
3.10.0-229.11.1.el7
3.10.0-327.18.2.el7
3.10.0-327.3.1.el7
3.10.0-327.10.1.el7
3.10.0-327.13.1.el7
3.10.0-327.4.4.el7
3.10.0-327.22.2.el7
3.10.0-229.14.1.el7
3.10.0-327.el7
3.10.0-229.20.1.el7
|
Released |
CloudLinux OS 7 |
3.10.0-329.7.2.lve1.3.50.el7
show all
hide all
3.10.0-329.7.2.lve1.3.55.el7
3.10.0-329.7.2.lve1.3.58.el7
3.10.0-329.7.2.lve1.4.2.el7
3.10.0-329.7.2.lve1.4.4.el7
|
Released |
OEL 7 Dell | |
Ready For Release |
Endurance 7 eig 3.10 | |
Ready For Release |
Debian 10 cloud | |
Will Not Fix |
Debian 9 backports | |
Will Not Fix |