Russian Vulnerability Scanner Database

Back to List

CVE-2015-1328

Scores

EPSS

0.894high89.4%
0%20%40%60%80%100%

Percentile: 89.4%

CVSS

7.8high3.x
0246810

CVSS Score: 7.8/10

All CVSS Scores

CVSS 3.x
7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdubuntu

CWEs

CWE-264

Exploits

Exploit ID: 37292

Source: exploitdb

URL: https://www.exploit-db.com/exploits/37292

Exploit ID: 37293

Source: exploitdb

URL: https://www.exploit-db.com/exploits/37293

Exploit ID: 40688

Source: exploitdb

URL: https://www.exploit-db.com/exploits/40688

Exploit ID: CVE-2015-1328

Source: github-poc

URL: https://github.com/0xf1d0/CVE-2015-1328

Vulnerable Software (49)

Type: Configuration

Product: linux

Operating System: debian

Trait: 
{  "unaffected": true}

Source: debian

Type: Configuration

Product: linux

Operating System: ubuntu trusty 14.04

Trait: 
{  "fixed": "3.13.0-55.92"}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu utopic 14.10

Trait: 
{  "fixed": "3.16.0-41.55"}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu vivid 15.04

Trait: 
{  "fixed": "3.19.0-21.21"}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu wily 15.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu xenial 16.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux

Operating System: ubuntu yakkety 16.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-2.6

Operating System: debian

Trait: 
{  "unaffected": true}

Source: debian

Type: Configuration

Product: linux-aws

Operating System: ubuntu trusty 14.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-aws

Operating System: ubuntu xenial 16.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-flo

Operating System: ubuntu trusty 14.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: linux-flo

Operating System: ubuntu utopic 14.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-flo

Operating System: ubuntu vivid 15.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-flo

Operating System: ubuntu wily 15.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-flo

Operating System: ubuntu xenial 16.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-flo

Operating System: ubuntu yakkety 16.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-gke

Operating System: ubuntu xenial 16.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-goldfish

Operating System: ubuntu vivid 15.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-goldfish

Operating System: ubuntu wily 15.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-goldfish

Operating System: ubuntu xenial 16.04

Trait: 
{  "unaffected": true}

Source: ubuntu