|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu Update for linux USN-3836-1|
|Summary:||The remote host is missing an update for the 'linux'; package(s) announced via the USN-3836-1 advisory.|
The remote host is missing an update for the 'linux'
package(s) announced via the USN-3836-1 advisory.
Jann Horn discovered that the Linux kernel mishandles mapping UID or GID
ranges inside nested user namespaces in some situations. A local attacker
could use this to bypass access controls on resources outside the
Philipp Wendler discovered that the overlayfs implementation in the Linux
kernel did not properly verify the directory contents permissions from
within a unprivileged user namespace. A local attacker could use this to
expose sensitive information (protected file names). (CVE-2018-6559)
linux on Ubuntu 18.04 LTS.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2018-6559|
BugTraq ID: 105752
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.