VYPR
Vendor

aufs

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2016-2854HigMay 2, 2016
    risk 0.54cvss 7.8epss 0.01

    The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.

  • CVE-2016-2853HigMay 2, 2016
    risk 0.54cvss 7.8epss 0.01

    The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.

  • CVE-2020-11935MedApr 7, 2023
    risk 0.29cvss 4.4epss 0.00

    It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.

  • CVE-2015-7312Nov 16, 2015
    risk 0.00cvss epss 0.00

    Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync…