The aufs module for the Linux kernel does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. References: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/ http://www.openwall.com/lists/oss-security/2016/02/24/9
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1871723]
Aufs is not an upstream kernel module, it was never merged as overlayfs was preferred.