Vigil@nce - Linux kernel: privilege escalation via nfsd
August 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can change file permissions exported by the NFS server
of the Linux kernel, in order to escalate his privileges.
Impacted products: Debian, Fedora, Linux, Ubuntu.
Severity: 2/4.
Creation date: 29/06/2016.
DESCRIPTION OF THE VULNERABILITY
The Linux kernel includes a NFS file server.
However, an attacker can change the permissions of any file
without being its owner, which is normally required.
An attacker can therefore change file permissions exported by the
NFS server of the Linux kernel, in order to escalate his
privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Linux-kernel-privilege-escalation-via-nfsd-19993