CVE-2016-2853
First published: Mon May 02 2016(Updated: )
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | >=3.0.0<=3.19.8 | |
| Linux Linux kernel | >=4.0.0<=4.20.15 | |
| ubuntu/linux | <4.4.0-222.255 | 4.4.0-222.255 |
| ubuntu/linux-aws | <4.4.0-1102.107 | 4.4.0-1102.107 |
| ubuntu/linux-aws | <4.4.0-1138.152 | 4.4.0-1138.152 |
| ubuntu/linux-lts-xenial | <4.4.0-222.255~14.04.1 | 4.4.0-222.255~14.04.1 |
| ubuntu/linux-kvm | <4.4.0-1103.112 | 4.4.0-1103.112 |
| debian/linux | 4.19.249-2 4.19.304-1 5.10.209-2 5.10.216-1 6.1.76-1 6.1.90-1 6.7.12-1 6.8.11-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
- http://www.openwall.com/lists/oss-security/2016/02/24/9
- http://www.openwall.com/lists/oss-security/2021/10/18/1
- http://www.securityfocus.com/bid/96839
- https://sourceforge.net/p/aufs/mailman/message/34864744/
- https://launchpad.net/bugs/cve/CVE-2016-2853
- https://security-tracker.debian.org/tracker/CVE-2016-2853
- https://ubuntu.com/security/notices/USN-5343-1
- https://www.cve.org/CVERecord?id=CVE-2016-2853
- https://nvd.nist.gov/vuln/detail/CVE-2016-2853
- https://ubuntu.com/security/CVE-2016-2853
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2016-2853.
What is the title of the vulnerability?
The title of the vulnerability is 'The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace'.
What is the description of the vulnerability?
The description of the vulnerability is 'The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.'
Which software is affected by this vulnerability?
The vulnerability affects the Linux kernel versions 3.x and 4.x.
How can attackers exploit this vulnerability?
Attackers can exploit this vulnerability by mounting an aufs filesystem on top of a FUSE filesystem and then executing a crafted setuid program.
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/description
- agent/weakness
- agent/severity
- collector/usn-cve
- source/Ubuntu
- collector/security-tracker-debian
- source/Debian
- agent/references
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/3.0.0
- version/linux linux kernel/3.19.8
- version/linux linux kernel/4.0.0
- version/linux linux kernel/4.20.15
- package-manager/ubuntu
- package-manager/debian