Philip Pettersson discovered a privilege escalation when using overlayfsmounts inside of user namespaces. A local user could exploit this flaw togain administrative privileges on the system.
The problem can be corrected by updating your system to the following
To update your system, please follow these instructions:
After a standard system update you need to reboot your computer to makeall the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed. Ifyou use linux-restricted-modules, you have to update that package aswell to get modules which work with the new kernel version. Unless youmanually uninstalled the standard kernel metapackages (e.g. linux-generic,linux-server, linux-powerpc), a standard system upgrade will automaticallyperform this as well.