USN-2641-2: Linux kernel (OMAP4) regression

Ubuntu Security Notice USN-2641-2

21st June, 2015

linux-ti-omap4 regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to crash under certain conditions.

Software description

  • linux-ti-omap4
    – Linux kernel for OMAP4

Details

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel’s
overlayfs file system. The removal of a directory that only exists on the
lower layer results in a kernel panic.

We apologize for the inconvenience.

Original advisory details:

Philip Pettersson discovered a privilege escalation when using overlayfs
mounts inside of user namespaces. A local user could exploit this flaw to
gain administrative privileges on the system.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1466-omap4

3.2.0-1466.87

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

http://bugs.launchpad.net/bugs/1465998

Leave a Reply