path: root/active/CVE-2023-0386
Description: ovl: fail on invalid uid/gid mapping at copy up
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2159505
 https://github.com/chenaotian/CVE-2023-0386
Notes:
 carnil> Issue different from CVE-2021-3847.
 carnil> Only exploitable after commit 459c7c565ac3 "ovl: unprivileged
 carnil> mounts" in 5.11-rc1, or if the Debian-specific module parameter
 carnil> permit_mounts_in_userns is enabled.
Bugs:
upstream: released (6.2-rc6) [4f11ada10d0ad3fd53e2bd67806351de63a4f9c3]
6.1-upstream-stable: released (6.1.9) [42fea1c35254c49cce07c600d026cbc00c6d3c81]
5.10-upstream-stable: N/A "Not exploitable in this version"
4.19-upstream-stable: N/A "Not exploitable in this version"
sid: released (6.1.11-1)
6.1-bookworm-security: N/A "Fixed before branch point"
5.10-bullseye-security: released (5.10.179-1) [bugfix/all/ovl-fail-on-invalid-uid-gid-mapping-at-copy-up.patch]
4.19-buster-security: pending (4.19.309-1) [bugfix/all/ovl-fail-on-invalid-uid-gid-mapping-at-copy-up.patch]
