OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.
[
{
"product": "OverlayFS",
"vendor": "Linux kernel",
"versions": [
{
"status": "affected",
"version": "before 3.0.0-16.28"
},
{
"status": "affected",
"version": "as used in Ubuntu 10.0.4 LTS and 11.10"
}
]
}
]