Security Advisory

CVE-2023-2640

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-26 01:59:23

Last updated 2024-10-23 14:59:17

Assigner canonical

State PUBLISHED

Description

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.

← Browse all CVEs View on cve.org ↗