vulnerability

Ubuntu: USN-4712-1: Linux kernel regression

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
2021-01-28
Added
2021-01-29
Modified
2025-02-19

Description


USN-4576-1 fixed a vulnerability in the overlay file system implementation in the Linux kernel. Unfortunately, that fix introduced a regression that could incorrectly deny access to overlay files in some situations. This update fixes the problem.


We apologize for the inconvenience.


Original vulnerability details:


Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files.

Solution(s)

ubuntu-upgrade-linux-image-5-4-0-65-genericubuntu-upgrade-linux-image-5-4-0-65-generic-lpaeubuntu-upgrade-linux-image-5-4-0-65-lowlatencyubuntu-upgrade-linux-image-5-8-0-41-genericubuntu-upgrade-linux-image-5-8-0-41-generic-64kubuntu-upgrade-linux-image-5-8-0-41-generic-lpaeubuntu-upgrade-linux-image-5-8-0-41-lowlatencyubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-18-04ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-20-04
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.