Back to bug 1886387
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2020-10-08 10:59:58 UTC | CC | security-response-team | |
| Marian Rehak | 2020-10-08 11:00:17 UTC | Blocks | 1886388 | |
| Eric Christensen | 2020-10-12 17:39:13 UTC | Doc Text | A flaw was found in the Linux kernel. When using shiftfs with overlayfs and fuse, it is possible to receive the data of files that are supposed to be not readable by the mounter before setting up permissions. It is also possible to copy these files to another mountpoint like a removable device. The highest threat from this vulnerability is to data confidentiality. | |
| Wade Mealing | 2020-10-20 23:58:21 UTC | Group | security, qe_staff | |
| CC | airlied, bskeggs, hdegoede, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, john.j5live, jonathan, josef, jwboyer, kernel-maint, kernel-mgr, linville, masami256, mchehab, mjg59, rt-maint, steved | |||
| Deadline | 2020-10-13 | |||
| Summary | EMBARGOED CVE-2020-16120 kernel: incorrect unprivileged overlayfs permission checking may lead to information disclosure | CVE-2020-16120 kernel: incorrect unprivileged overlayfs permission checking may lead to information disclosure | ||
| Florencio Cano | 2020-10-28 10:01:34 UTC | Depends On | 1892254, 1892251, 1892255, 1892256, 1892252, 1892253, 1892250 | |
| Rohit Keshri | 2020-12-07 06:00:22 UTC | CC | rkeshri | |
| Rohit Keshri | 2020-12-07 06:06:29 UTC | Depends On | 1904924, 1904926, 1904925, 1904923, 1904922 | |
| Miklos Szeredi | 2020-12-07 08:17:39 UTC | CC | mszeredi | |
| Flags | needinfo?(mrehak) | |||
| Marian Rehak | 2020-12-07 09:23:30 UTC | Flags | needinfo?(mrehak) | needinfo?(mszeredi) |
| Miklos Szeredi | 2020-12-07 10:22:00 UTC | CC | wmealing | |
| Flags | needinfo?(mszeredi) | needinfo?(wmealing) needinfo?(rkeshri) | ||
| Rohit Keshri | 2020-12-07 11:16:27 UTC | Flags | needinfo?(wmealing) needinfo?(rkeshri) | |
| Miklos Szeredi | 2020-12-07 11:28:41 UTC | Flags | needinfo?(rkeshri) | |
| Rohit Keshri | 2020-12-07 12:52:46 UTC | Flags | needinfo?(rkeshri) | |
| Rohit Keshri | 2020-12-07 19:56:31 UTC | Doc Text | A flaw was found in the Linux kernel. When using shiftfs with overlayfs and fuse, it is possible to receive the data of files that are supposed to be not readable by the mounter before setting up permissions. It is also possible to copy these files to another mountpoint like a removable device. The highest threat from this vulnerability is to data confidentiality. | A flaw was found in the User namespace on an overlay filesystem in the Linux Kernel, Where a file with no access privilege was able to copy the file to a user defined mount point. An attacker with a special user privilege locally may lead to a kernel information leak problem. |
| Rohit Keshri | 2020-12-07 20:28:34 UTC | Comment | 0 | updated |
| Wade Mealing | 2020-12-10 03:49:37 UTC | Flags | needinfo?(mszeredi) | |
| Miklos Szeredi | 2020-12-10 13:00:30 UTC | Flags | needinfo?(mszeredi) | |
| Red Hat Bugzilla | 2021-05-30 12:02:36 UTC | CC | blc | |
| Red Hat Bugzilla | 2021-05-30 12:37:51 UTC | CC | bhu | |
| Jeff Fearn 🐞 | 2021-06-03 11:14:24 UTC | CC | blc | |
| Jeff Fearn 🐞 | 2021-06-03 11:55:29 UTC | CC | bhu | |
| Red Hat Bugzilla | 2021-09-15 05:47:04 UTC | CC | jglisse | |
| Red Hat Bugzilla | 2022-04-23 08:28:54 UTC | CC | esammons | |
| Red Hat Bugzilla | 2022-07-16 03:20:34 UTC | CC | brdeoliv | |
| Red Hat Bugzilla | 2022-12-31 23:36:12 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:41:53 UTC | CC | dhoward | |
| Red Hat Bugzilla | 2023-06-14 21:29:43 UTC | CC | mcressma | |
| Red Hat Bugzilla | 2023-07-07 08:29:00 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team |
Back to bug 1886387