Posted by halfdog on Feb 25

Hello List,

Here are some issues recently discovered:

* Overlayfs over Fuse Privilege Escalation: On some systems, e.g.
Ubuntu Wily, it is possible to place an USERNS overlayfs mount over a
fuse (file system in userspace) mount. Inactive SUID binaries in the
user-controllable fuse filesystem may then be copied to other
filesystems in copy_up, thus allowing unprivileged users to create
arbitrary SUID binaries on the disk. Read more…

(CRD…