On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2023-07-26T01:59:23.543Z
Updated: 2024-08-02T06:26:09.894Z
Reserved: 2023-05-10T21:23:35.226Z
Link: CVE-2023-2640
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-26T02:15:09.300
Modified: 2023-08-03T15:10:48.043
Link: CVE-2023-2640
Redhat