Bug 982781 (CVE-2016-2853) - VUL-0: CVE-2016-2853: aufs: The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, whi...
Summary: VUL-0: CVE-2016-2853: aufs: The aufs module for the Linux kernel 3.x and 4.x ...
Status: RESOLVED INVALID
Alias: CVE-2016-2853
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P5 - None : Normal
Target Milestone: ---
Assignee: E-mail List
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/162732/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-02 14:01 UTC by Marcus Meissner
Modified: 2016-06-02 14:05 UTC

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Marcus Meissner 2016-06-02 14:01:32 UTC
CVE-2016-2853

The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the
mount namespace, which allows local users to gain privileges by mounting an aufs
filesystem on top of a FUSE filesystem, and then executing a crafted setuid
program.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2853
http://seclists.org/oss-sec/2016/q1/542
http://www.openwall.com/lists/oss-security/2016/02/24/9
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2853.html
http://www.cvedetails.com/cve/CVE-2016-2853/
https://sourceforge.net/p/aufs/mailman/message/34864744/
http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
Comment 1 Marcus Meissner 2016-06-02 14:01:57 UTC
This kernel external module was never shipped for SUSE, so no SUSE products are affected.