Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-15793 — Insertion of Sensitive Information into Externally-Accessible File or Directory in Shiftfs IN THE Linux Kernel
Severity
8.8HIGHNVD
CNA6.5OSV6.5
EPSS
0.0%
top 90.35%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedApr 24
Latest updateMay 24
Description
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this t…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0
Affected Packages2 packages
Also affects: Ubuntu Linux 18.04, 19.04
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-h5g7-x752-wjh8: In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5↗2022-05-24
OSV▶
linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-raspi2 vulnerabilities↗2019-11-13
OSV▶
CVE-2019-15793: In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5↗2019-11-12
💥Exploits & PoCs
1📋Vendor Advisories
5Debian▶
CVE-2019-15793: linux - In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 ...↗2019