First published: Mon May 02 2016(Updated: )
Last updated 29 November 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=3.0.0<=3.19.8 | |
Linux Linux kernel | >=4.0.0<=4.20.15 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.12.5-1 6.12.6-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2016-2854.
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
The Linux kernel versions 3.x and 4.x.
By leveraging a group-writable setgid directory.
Yes, updating to Linux kernel version 4.4.0-222.255 or higher will address this vulnerability.