CVE-2018-6559
Published: 18 October 2018
The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
From the Ubuntu Security Team
Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names).
Notes
Author | Note |
---|---|
tyhicks | This CVE is specific to Ubuntu since Ubuntu allows overlayfs mounts inside of user namespaces This flaw was previously discovered and fixed as part of CVE-2015-1328. The fix for CVE-2015-1328 was incorrectly dropped from the Ubuntu kernel during a merge with related changes in the upstream Linux kernel. CVE-2018-6559 represents the portion of CVE-2015-1328 that was incorrectly reintroduced into the Ubuntu kernel. |
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
upstream |
Not vulnerable
(Ubuntu specific)
|
bionic |
Released
(4.15.0-42.45)
|
|
cosmic |
Released
(4.18.0-12.13)
|
|
trusty |
Not vulnerable
(3.11.0-12.19)
|
|
xenial |
Not vulnerable
(4.2.0-16.19)
|
|
Patches: Introduced by Fixed by local-2015-1328-fix|local-2018-6559-fix |
||
linux-flo Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.12~rc2)
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
xenial |
Ignored
(abandoned)
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Ignored
(end of life)
|
|
linux-grouper Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-maguro Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-mako Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Ignored
(abandoned)
|
|
linux-manta Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1029.30)
|
cosmic |
Released
(4.18.0-1006.7)
|
|
trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1035.36)
|
cosmic |
Released
(4.18.0-1006.6)
|
|
trusty |
Released
(4.15.0-1035.36~14.04.2)
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Released
(4.15.0-1035.36~16.04.1)
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1035.36)
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Released
(4.15.0-1035.36~16.04.1)
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Not vulnerable
(4.15.0-1030.31~16.04.1)
|
|
linux-euclid Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Ignored
(was needs-triage ESM criteria)
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1025.26)
|
cosmic |
Released
(4.18.0-1004.5)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Released
(4.15.0-1025.26~16.04.1)
|
|
linux-gcp-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.18.0-1004.5~18.04.1)
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Ignored
(end of standard support)
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.18.0-13.14~18.04.1)
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Released
(4.15.0-42.45~16.04.1)
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.18.0-12.13~18.04.1)
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Released
(4.15.0-42.45~16.04.1)
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1027.27)
|
cosmic |
Released
(4.18.0-1005.5)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
linux-lts-utopic Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [end of standard support])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-lts-vivid Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [end of standard support])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-lts-wily Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
(trusty was ignored [end of standard support])
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
cosmic |
Does not exist
|
|
trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Does not exist
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1028.33)
|
cosmic |
Released
(4.15.0-1028.33)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Ignored
(end of standard support, was needs-triage)
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1007.9)
|
cosmic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Not vulnerable
(4.15.0-1007.9~16.04.1)
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1029.31)
|
cosmic |
Released
(4.18.0-1007.9)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Not vulnerable
(4.2.0-1013.19)
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
cosmic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.6.12~rc2)
|
|
xenial |
Not vulnerable
(4.4.0-1012.12)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 3.3 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | Low |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6559
- https://ubuntu.com/security/notices/USN-3832-1
- https://ubuntu.com/security/notices/USN-3833-1
- https://ubuntu.com/security/notices/USN-3836-1
- https://ubuntu.com/security/notices/USN-3835-1
- https://ubuntu.com/security/notices/USN-3836-2
- NVD
- Launchpad
- Debian