Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system.
No PoCs from references.
- https://github.com/bygregonline/devsec-fastapi-report
- https://github.com/robertsirc/sle-bci-demo
- https://github.com/shakyaraj9569/Documentation