4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict
the mount namespace, which allows local users to gain privileges by
mounting an aufs filesystem on top of a FUSE filesystem, and then executing
a crafted setuid program.
Author | Note |
---|---|
sbeattie | requires aufs module inserted with allow_userns option, which is not the default fixed in upstream aufs on 2016-02-19, marking kernel’s that imported aufs branches after that as not-affected |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 16.04 | noarch | linux | < 4.4.0-222.255 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-aws | < 4.4.0-1102.107 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws | < 4.4.0-1138.152 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux-lts-xenial | < 4.4.0-222.255~14.04.1 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-kvm | < 4.4.0-1103.112 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-gcp-4.15 | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-nvidia | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gkeop-5.15 | < any | UNKNOWN |
www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
launchpad.net/bugs/cve/CVE-2016-2853
nvd.nist.gov/vuln/detail/CVE-2016-2853
security-tracker.debian.org/tracker/CVE-2016-2853
sourceforge.net/p/aufs/mailman/message/34864744/
ubuntu.com/security/notices/USN-5343-1
www.cve.org/CVERecord?id=CVE-2016-2853
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%