UBUNTU-CVE-2019-15793

HIGH8.8

Published Nov 12, 2019

Modified 5 months ago

Details

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this to possibly bypass discretionary access control permissions.

Affected Packages(14 packages)

linux-hwe-edge

Ubuntu 16.04 LTS

Affected versions:

4.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more

linux-azure-edge

Ubuntu 18.04 LTS

Affected versions:

4.18.0-1006.6~18.04.14.18.0-1007.7~18.04.14.18.0-1008.8~18.04.15.0.0-1012.12~18.04.2

linux-gcp-edge

Ubuntu 18.04 LTS

Affected versions:

4.18.0-1004.5~18.04.14.18.0-1005.6~18.04.14.18.0-1006.7~18.04.14.18.0-1007.8~18.04.14.18.0-1008.9~18.04.14.18.0-1009.10~18.04.14.18.0-1011.12~18.04.14.18.0-1012.13~18.04.14.18.0-1013.14~18.04.14.18.0-1015.16~18.04.1+2 more

linux-hwe-edge

Ubuntu 18.04 LTS

Affected versions:

5.0.0-15.16~18.04.15.0.0-16.17~18.04.15.0.0-17.18~18.04.15.0.0-19.20~18.04.15.0.0-20.21~18.04.15.3.0-19.20~18.04.25.3.0-22.24~18.04.15.3.0-23.25~18.04.15.3.0-23.25~18.04.25.3.0-24.26~18.04.2

linux-azure-fde

Ubuntu 20.04 LTS

Affected versions:

5.4.0-1063.66+cvm2.25.4.0-1063.66+cvm3.25.4.0-1064.67+cvm1.15.4.0-1065.68+cvm2.15.4.0-1067.70+cvm1.15.4.0-1068.71+cvm1.15.4.0-1069.72+cvm1.15.4.0-1070.73+cvm1.15.4.0-1072.75+cvm1.15.4.0-1073.76+cvm1.1+16 more

linux-gke

Ubuntu 20.04 LTS

Affected versions:

5.4.0-1033.355.4.0-1035.375.4.0-1036.385.4.0-1037.395.4.0-1039.415.4.0-1041.435.4.0-1042.445.4.0-1043.455.4.0-1044.465.4.0-1046.48+41 more

linux-gkeop

Ubuntu 20.04 LTS

Affected versions:

5.4.0-1008.95.4.0-1009.105.4.0-1010.115.4.0-1011.125.4.0-1012.135.4.0-1013.145.4.0-1014.155.4.0-1015.165.4.0-1016.175.4.0-1018.19+68 more

linux-gkeop-5.15

Ubuntu 20.04 LTS

Affected versions:

5.15.0-1003.5~20.04.25.15.0-1005.7~20.04.15.15.0-1007.10~20.04.15.15.0-1008.12~20.04.15.15.0-1011.15~20.04.25.15.0-1012.16~20.04.15.15.0-1013.17~20.04.15.15.0-1015.19~20.04.15.15.0-1016.21~20.04.15.15.0-1017.22~20.04.1+35 more

linux-raspi2

Ubuntu 20.04 LTS

Affected versions:

5.3.0-1007.85.3.0-1014.165.3.0-1015.175.3.0-1017.195.4.0-1004.45.4.0-1006.6

linux-riscv

Ubuntu 20.04 LTS

Affected versions:

5.4.0-24.285.4.0-26.305.4.0-27.315.4.0-28.325.4.0-30.345.4.0-31.355.4.0-33.375.4.0-34.385.4.0-36.415.4.0-37.42+2 more

References

REPORT

https://ubuntu.com/security/CVE-2019-15793

ADVISORY