Launchpad.net

CVE 2016-2853

The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.

Related bugs and status

CVE-2016-2853 (Candidate) is related to these bugs:

Bug #1547400: CVE-2016-2853

		In	Importance	Status
1547400	CVE-2016-2853	linux (Ubuntu)	Low	Confirmed
1547400	CVE-2016-2853	linux-lts-trusty (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-armadaxp (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-xenial (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-wily (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-goldfish (Ubuntu)	Low	New
1547400	CVE-2016-2853	linux-lts-saucy (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-quantal (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-raspi2 (Ubuntu)	Low	New
1547400	CVE-2016-2853	linux-lts-vivid (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux (Ubuntu Precise)	Low	Won't Fix
1547400	CVE-2016-2853	linux-armadaxp (Ubuntu Precise)	Low	Won't Fix
1547400	CVE-2016-2853	linux-goldfish (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-quantal (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-saucy (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-trusty (Ubuntu Precise)	Low	Won't Fix
1547400	CVE-2016-2853	linux-lts-vivid (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-wily (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-xenial (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-raspi2 (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux (Ubuntu Trusty)	Low	New
1547400	CVE-2016-2853	linux-armadaxp (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-goldfish (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-quantal (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-saucy (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-trusty (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-vivid (Ubuntu Trusty)	Low	New
1547400	CVE-2016-2853	linux-lts-wily (Ubuntu Trusty)	Low	New
1547400	CVE-2016-2853	linux-lts-xenial (Ubuntu Trusty)	Low	New
1547400	CVE-2016-2853	linux-raspi2 (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux (Ubuntu Wily)	Low	New
1547400	CVE-2016-2853	linux-armadaxp (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-goldfish (Ubuntu Wily)	Low	New
1547400	CVE-2016-2853	linux-lts-quantal (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-saucy (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-trusty (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-vivid (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-wily (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-xenial (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-raspi2 (Ubuntu Wily)	Low	New
1547400	CVE-2016-2853	linux (Ubuntu Xenial)	Low	Confirmed
1547400	CVE-2016-2853	linux-armadaxp (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-goldfish (Ubuntu Xenial)	Low	New
1547400	CVE-2016-2853	linux-lts-quantal (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-saucy (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-trusty (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-vivid (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-wily (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-xenial (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-raspi2 (Ubuntu Xenial)	Low	New
1547400	CVE-2016-2853	linux-mako (Ubuntu)	Low	New
1547400	CVE-2016-2853	linux-mako (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-mako (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-mako (Ubuntu Wily)	Low	New
1547400	CVE-2016-2853	linux-mako (Ubuntu Xenial)	Low	New
1547400	CVE-2016-2853	linux-ti-omap4 (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-ti-omap4 (Ubuntu Precise)	Low	Won't Fix
1547400	CVE-2016-2853	linux-ti-omap4 (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-ti-omap4 (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-ti-omap4 (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-utopic (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-utopic (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-utopic (Ubuntu Trusty)	Low	New
1547400	CVE-2016-2853	linux-lts-utopic (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-utopic (Ubuntu Xenial)	Low	Invalid
1547400	CVE-2016-2853	linux-flo (Ubuntu)	Low	New
1547400	CVE-2016-2853	linux-flo (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-flo (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-flo (Ubuntu Wily)	Low	New
1547400	CVE-2016-2853	linux-flo (Ubuntu Xenial)	Low	New
1547400	CVE-2016-2853	linux-lts-raring (Ubuntu)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-raring (Ubuntu Precise)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-raring (Ubuntu Trusty)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-raring (Ubuntu Wily)	Low	Invalid
1547400	CVE-2016-2853	linux-lts-raring (Ubuntu Xenial)	Low	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-2853

Related bugs and status

Related bugs

References