The ovl_setattr function in fs/overlayfs/inode.c in the...
High severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Feb 10, 2023
Description
Published by the National Vulnerability Database
Dec 28, 2015
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Feb 10, 2023
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
References