cve-2015-1328 overlayfs vulnerability in ubuntu trusty stemcell
James Bayer
CVE-2015-1328

Severity: High

Vendor: Canonical Ubuntu

Versions Affected: Canonical Ubuntu 14.04 LTS with 3.16 kernel

Description: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

Affected Pivotal Products and Versions:
- Any BOSH deployments (including Cloud Foundry) with Ubuntu Trusty BOSH stemcell prior to version 2989

Mitigation:
- The Cloud Foundry project recommends upgrading to BOSH Ubuntu Trusty stemcell version 2989 or later for all BOSH deployments. The 2989 stemcell has been certified with cf-release v211.

Credit: Philip Pettersson

References:
Canonical: http://www.ubuntu.com/usn/usn-2646-1/
Other:
  BOSH Stemcells <https://bosh.io/stemcells>
  Cloud Foundry Release <https://github.com/cloudfoundry/cf-release>
  Exploit details <http://seclists.org/oss-sec/2015/q2/717>

--
Thank you,
James Bayer