CVE-2015-1328

high-risk
Published 2016-11-28

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Do I need to act?

!
89.4% chance of exploitation in next 30 days
EPSS score — higher than 11% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
3 public exploits available
40688, 37292, 37293
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (2)

Affected Vendors

Canonical Linux

References (12)

Mailing List http://seclists.org/oss-sec/2015/q2/717
Exploit http://www.exploit-db.com/exploits/40688/
Third Party Advisory http://www.securityfocus.com/bid/75206
Vendor Advisory https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1328.html
Third Party Advisory https://security-tracker.debian.org/tracker/CVE-2015-1328
https://www.exploit-db.com/exploits/37292/
Mailing List http://seclists.org/oss-sec/2015/q2/717
Exploit http://www.exploit-db.com/exploits/40688/
Third Party Advisory http://www.securityfocus.com/bid/75206
Vendor Advisory https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1328.html
Third Party Advisory https://security-tracker.debian.org/tracker/CVE-2015-1328
https://www.exploit-db.com/exploits/37292/
58
/ 100
high-risk
Severity 24/34 · High
Exploitability 27/34 · High
Exposure 7/34 · Low