A vulnerability has been discovered in Ubuntu which allows a local user to gain administrative privileges and take control of the system.
CVE Number
CVE-2015-1328
Severity
Medium
Summary
Ubuntu announced the overlayfs privilege escalation vulnerability on June 15, 2015. A local user could exploit this flaw to gain administrative privileges on the system.
Vulnerability details
The overlayfs file system does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIG_USER_NS=y and whereoverlayfs has the FS_USERNS_MOUNT flag, which allows the mounting of overlayfs inside unprivileged mount namespaces.
Impacted systems
Ubuntu 12.04, 14.04, 14.10, and 15.04 and their derivatives
Solution
Apply the patch released by vendor and reboot.
Ubuntu 12.04
http://www.ubuntu.com/usn/usn-2640-1
http://www.ubuntu.com/usn/usn-2641-1
http://www.ubuntu.com/usn/usn-2642-1
Ubuntu 14.04
http://www.ubuntu.com/usn/usn-2643-1
http://www.ubuntu.com/usn/usn-2644-1
http://www.ubuntu.com/usn/usn-2645-1
Ubuntu 14.10
http://www.ubuntu.com/usn/usn-2646-1
Ubuntu 15.04
http://www.ubuntu.com/usn/usn-2647-1
Temporary workaround
System Administrators are encouraged to apply the kernel update as the best defense against this vulnerability. Administrators who may not be able to apply the kernel update immediately may choose apply the following workaround in the interim. This will remove the overlayfs module from memory, and will blacklist the overlayfs module from being loaded at boot.
http://blog.emilburzo.com/2015/06/quick-work-around-for-cve-2015-1328.html
Useful Links
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1328.html