Lucene search
Cloud FoundryCFOUNDRY:B4519034BBEAA8B449687E66D5E64280HistoryJun 17, 2015 - 12:00 a.m.
CVE-2015-1328 - overlayfs privilege escalation | Cloud Foundry
2015-06-1700:00:00
Cloud Foundry
www.cloudfoundry.org
43
0.001 Low
EPSS
Percentile
26.5%
CVE-2015-1328 – overlayfs privilege escalation
High
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 14.04 LTS with 3.16 kernel
Description
Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
Affected Products and Versions
_Severity is high unless otherwise noted.
_
- Any Cloud Foundry deployment with Ubuntu Trusty BOSH stemcell prior to version 2989
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry project recommends upgrading to BOSH 2989 stemcell or later for all Cloud Foundry deployments.
Credit
Philip Pettersson
References
Related
nessus
nessus
Ubuntu 12.04 LTS : linux vulnerability (USN-2640-1)
2015-06-16 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerability (USN-2645-1)
2015-06-16 00:00:00
Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-2643-1)
2015-06-16 00:00:00
saint
saint
Ubuntu overlayfs privilege elevation
2015-06-26 00:00:00
Ubuntu overlayfs privilege elevation
2015-06-26 00:00:00
Ubuntu overlayfs privilege elevation
2015-06-26 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2645-1)
2015-06-16 00:00:00
Ubuntu: Security Advisory (USN-2646-1)
2015-06-16 00:00:00
Ubuntu: Security Advisory (USN-2641-1)
2015-06-16 00:00:00
ubuntu
ubuntu
Linux kernel (Utopic HWE) vulnerability
2015-06-15 00:00:00
Linux kernel vulnerability
2015-06-15 00:00:00
Linux kernel (Trusty HWE) vulnerability
2015-06-15 00:00:00
canvas
canvas
Immunity Canvas: OVERLAYFS
2016-11-28 03:59:00
zdt
zdt
Ubuntu 12.04 / 14.04 / 14.10 / 15.04 overlayfs Local Root Exploit
2015-06-17 00:00:00
Overlayfs Privilege Escalation Exploit
2016-11-02 00:00:00
cve
cve
CVE-2015-1328
2016-11-28 03:59:00
securityvulns
securityvulns
[USN-2647-1] Linux kernel vulnerability
2015-06-21 00:00:00
Linux kernel security vulnerabilities
2015-06-21 00:00:00
packetstorm
packetstorm
Ubuntu 12.04 / 14.04 / 14.10 / 15.04 overlayfs Local Root
2015-06-16 00:00:00
Overlayfs Privilege Escalation
2016-11-01 00:00:00
nvd
nvd
CVE-2015-1328
2016-11-28 03:59:00
exploitpack
exploitpack
debiancve
debiancve
CVE-2015-1328
2016-11-28 03:59:00
threatpost
threatpost
Ubuntu Patches Privilege-Escalation Bug
2015-06-22 10:16:52
prion
prion
Design/Logic Flaw
2016-11-28 03:59:00
redhatcve
redhatcve
CVE-2015-1328
2015-10-30 10:12:55
ubuntucve
ubuntucve
CVE-2015-1328
2015-06-15 00:00:00
CVE-2018-6559
2018-10-18 00:00:00
cvelist
cvelist
CVE-2015-1328
2016-11-28 03:01:00
exploitdb
exploitdb
mssecure
mssecure
How to proactively defend against Mozi IoT botnet
2021-08-19 18:00:46
metasploit
metasploit
Overlayfs Privilege Escalation
2016-10-05 03:21:53
mmpc
mmpc
How to proactively defend against Mozi IoT botnet
2021-08-19 18:00:46
kitploit
kitploit