Early Access — Mondoo Vulnerability Intelligence is currently in preview.
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
3.11.0-12.193.12.0-1.33.12.0-2.53.12.0-2.73.12.0-3.83.12.0-3.93.12.0-4.103.12.0-4.123.12.0-5.133.12.0-7.15+75 more3.13.0-79.1234.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-2.164.4.0-4.19+2 more4.4.0-8.234.4.0-1002.24.4.0-1001.104.4.0-1003.34.8.0-36.36~16.04.13.16.0-25.33~14.04.23.16.0-26.35~14.04.13.16.0-28.37~14.04.13.16.0-28.38~14.04.13.16.0-29.39~14.04.13.16.0-30.40~14.04.13.16.0-31.41~14.04.13.16.0-31.43~14.04.13.16.0-33.44~14.04.13.16.0-34.45~14.04.1+25 more3.16.0-62.82~14.04.13.19.0-18.18~14.04.13.19.0-20.20~14.04.13.19.0-21.21~14.04.13.19.0-22.22~14.04.13.19.0-23.24~14.04.13.19.0-25.26~14.04.13.19.0-26.28~14.04.13.19.0-28.30~14.04.13.19.0-30.33~14.04.13.19.0-30.34~14.04.1+10 more3.19.0-51.57~14.04.14.2.0-18.22~14.04.14.2.0-19.23~14.04.14.2.0-21.25~14.04.14.2.0-22.27~14.04.14.2.0-23.28~14.04.14.2.0-25.30~14.04.14.2.0-27.32~14.04.14.2.0-30.35~14.04.14.4.0-13.29~14.04.1Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H