Canonical patches privilege escalation bug in Ubuntu
To address a local root privilege growth vulnerability that can be used to gain administrative privileges on the system, Canonical has released updates for Ubuntu.
The kernel vulnerability is related to the OverlayFS Linux filesystem service. It affects the default configuration on all supported versions of Ubuntu.
The overlayfs filesystem does not check file permissions correctly when developing new files in the upper filesystem directory. This can be used by an unprivileged process in kernels with CONFIG_USER_NS=y and where overlayfs has the FS_USERNS_MOUNT flag that allows the mounting of overlayfs inside unprivileged mount namespaces.
The following versions of Ubuntu have been updated: 12.04 LTS (Precise Pangolin), 14.04 LTS (Trusty Tahr), 14.10 (Utopic Unicorn) and 15.04 (Vivid Vervet). Users are recommended to update their installments as soon as possible.