diff options
| author | Ben Hutchings <ben@decadent.org.uk> | 2022-02-25 02:54:22 +0100 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2022-02-25 02:58:48 +0100 |
| commit | 322eaf84fa0d24cdfa4acc99ff4a8d5635ab0654 (patch) | |
| tree | 84cf09416b8cf27d0c1ac938e5332bc049c04d28 /active/CVE-2021-3847 | |
| parent | 4f1997da8949bfe55fdc4820e7def805bf3d4be8 (diff) | |
Fill in status for most issues
Diffstat (limited to 'active/CVE-2021-3847')
| -rw-r--r-- | active/CVE-2021-3847 | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/active/CVE-2021-3847 b/active/CVE-2021-3847 index efa4f591..067b8164 100644 --- a/active/CVE-2021-3847 +++ b/active/CVE-2021-3847 @@ -1,14 +1,18 @@ -Description: low-privileged user privileges escalation +Description: ovl: Copy-up from nosuid lower to suid upper could allow priv-esc References: https://bugzilla.redhat.com/show_bug.cgi?id=2009704 https://www.openwall.com/lists/oss-security/2021/10/14/3 Notes: + bwh> Only likely to be exploitable after commit 459c7c565ac3 + bwh> "ovl: unprivieged mounts" in 5.11-rc1, or if the + bwh> Debian-specific module parameter permit_mounts_in_userns + bwh> is enabled. Bugs: -upstream: -5.10-upstream-stable: -4.19-upstream-stable: -4.9-upstream-stable: -sid: -5.10-bullseye-security: -4.19-buster-security: -4.9-stretch-security: +upstream: needed +5.10-upstream-stable: needed +4.19-upstream-stable: needed +4.9-upstream-stable: needed +sid: needed +5.10-bullseye-security: needed +4.19-buster-security: needed +4.9-stretch-security: needed |