cve-2015-1328 overlayfs vulnerability in ubuntu trusty stemcell
Canonical Ubuntu 14.04 LTS with 3.16 kernel
Philip Pettersson discovered a privilege escalation when using overlayfs
mounts inside of user namespaces. A local user could exploit this flaw to
gain administrative privileges on the system.
Affected Pivotal Products and Versions:
Any BOSH deployments (including Cloud Foundry) with Ubuntu Trusty BOSH
stemcell prior to version 2989
The Cloud Foundry project recommends upgrading to BOSH Ubuntu Trusty
stemcell version 2989 or later for all BOSH deployments. The 2989
stemcell has been certified with cf-release v211.
BOSH Stemcells <https://bosh.io/stemcells>
Cloud Foundry Release <https://github.com/cloudfoundry/cf-release>
Exploit details <http://seclists.org/oss-sec/2015/q2/717>