diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-05-11 08:47:43 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-05-11 08:47:43 +0200 |
commit | ca3ef57a3f64d38e8daf56d0994eedbb854d611c (patch) | |
tree | bb56c6c4131a4fa0ab17e90a732a1906d90a388e /active/CVE-2023-0386 | |
parent | e77a9691aa932011b416ae4126679d0ce4e7bca9 (diff) |
Add information on CVE-2023-0386
Diffstat (limited to 'active/CVE-2023-0386')
-rw-r--r-- | active/CVE-2023-0386 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/active/CVE-2023-0386 b/active/CVE-2023-0386 index 145bc137..7ea07213 100644 --- a/active/CVE-2023-0386 +++ b/active/CVE-2023-0386 @@ -1,8 +1,12 @@ Description: ovl: fail on invalid uid/gid mapping at copy up References: https://bugzilla.redhat.com/show_bug.cgi?id=2159505 + https://github.com/chenaotian/CVE-2023-0386 Notes: carnil> Issue different from CVE-2021-3847. + carnil> Only exploitable after commit 459c7c565ac3 "ovl: unprivieged + carnil> mounts" in 5.11-rc1, or if the Debian-specific module parameter + carnil> permit_mounts_in_userns is enabled. Bugs: upstream: released (6.2-rc6) [4f11ada10d0ad3fd53e2bd67806351de63a4f9c3] 6.1-upstream-stable: released (6.1.9) [42fea1c35254c49cce07c600d026cbc00c6d3c81] |