Main Vulnerability Database Exploits ID:11067 - Exploit for Security restrictions bypass in Linux kernel - CVE-2015-1328

ID:11067 - Exploit for Security restrictions bypass in Linux kernel - CVE-2015-1328

Published: January 15, 2025

Vulnerability identifier: #VU95698

Vulnerability risk: Low

CVE-ID: CVE-2015-1328

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/elit3pwner/CVE-2015-1328-GoldenEye

Vulnerability description

The vulnerability allows a local user to execute arbitrary code.

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Remediation

Install update from vendor's repository.

ID:11067 - Exploit for Security restrictions bypass in Linux kernel - CVE-2015-1328

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human