A vulnerability has been discovered in Ubuntu which allows a local user to gain administrative privileges and take control of the system.
Ubuntu announced the overlayfs privilege escalation vulnerability on June 15, 2015. A local user could exploit this flaw to gain administrative privileges on the system.
The overlayfs file system does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIG_USER_NS=y and whereoverlayfs has the FS_USERNS_MOUNT flag, which allows the mounting of overlayfs inside unprivileged mount namespaces.
Ubuntu 12.04, 14.04, 14.10, and 15.04 and their derivatives
Apply the patch released by vendor and reboot.
System Administrators are encouraged to apply the kernel update as the best defense against this vulnerability. Administrators who may not be able to apply the kernel update immediately may choose apply the following workaround in the interim. This will remove the overlayfs module from memory, and will blacklist the overlayfs module from being loaded at boot.