[PATCH 0/1][B] CVE-2018-6559 - Filename information disclosure in overlayfs
Tyler Hicks
tyhicks at canonical.com
Fri Oct 19 16:45:38 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html
https://launchpad.net/bugs/1793458/
The overlayfs implementation in the linux (aka Linux kernel) package in Ubuntu
did not properly check permissions for read operations on directories in the
lower filesystem directory, which allows local users to obtain names of files
in which they would not normally be able to access by performing an overlayfs
mount inside of a user namespace.
I've tested this change with a QRT regression test that I wrote as well as the
unionmount-testsuite:
https://github.com/amir73il/unionmount-testsuite.git
This issue is related to a portion of CVE-2015-1328 that was reintroduced into
the Ubuntu kernel. This bug comment describes the situation:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1793458/comments/4
As mentioned above, I wrote a QRT test for this issue so that we don't
accidentally drop our SAUCE patch in the future.
Tyler
More information about the kernel-team
mailing list