CVE-2023-32629
7.8HIGHLocal privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels
Veröffentlicht: 7/26/2023Aktualisiert: 11/21/2024
Beschreibung
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels
KI-AnalyseKI-gestützt
Betroffene Produkte
canonicalubuntu_linux
23.04
Referenzen
- http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629Third Party Advisory
- https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.htmlMailing ListPatch
- https://ubuntu.com/security/notices/USN-6250-1Vendor Advisory
- https://wiz.io/blog/ubuntu-overlayfs-vulnerabilityExploit
- http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629Third Party Advisory
- https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.htmlMailing ListPatch
- https://ubuntu.com/security/notices/USN-6250-1Vendor Advisory
- https://wiz.io/blog/ubuntu-overlayfs-vulnerabilityExploit