blob: e7b599de44b84f1f9111b4fcddcc2c5507ddfaa3 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: overlayfs fs caps privilege escalation
References:
https://www.openwall.com/lists/oss-security/2021/04/16/1
Notes:
carnil> Debian ships as well a patch to allow enable unprivileged
carnil> overlayfs mounts. Cf. #913880 present since 4.19.9-1 upload.
carnil> One needs to explicitly load the module though with
carnil> permit_mounts_in_userns (which will issue as well a security
carnil> warning).
Bugs:
upstream: released (5.11-rc1) [7c03e2cda4a584cadc398e8f6641ca9988a39d52]
5.10-upstream-stable: needed
4.19-upstream-stable: needed
4.9-upstream-stable:
sid: needed
4.19-buster-security: needed
4.9-stretch-security:
|
