CVE-2016-2853

The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.

Published: May 2, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-2853
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	4.0.0	4.20.15.x
linux / linux_kernel	3.0.0	3.19.8.x

http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
http://www.openwall.com/lists/oss-security/2016/02/24/9
http://www.openwall.com/lists/oss-security/2021/10/18/1
http://www.securityfocus.com/bid/96839
https://sourceforge.net/p/aufs/mailman/message/34864744/

Vulnerability Database

CVE-2016-2853