Nixpkgs security tracker

Untriaged

Permalink CVE-2012-0055

created 2 months ago Activity log

Created suggestion 2 months ago

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in …

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

References

[oss-security] 20120117 Re: CVE Request: overlayfs mailing-listx_transferredx_refsource_MLIST
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-0055 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0055 x_transferredx_refsource_MISC
http://www.ubuntu.com/usn/USN-1363-1 x_transferredx_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1364-1 x_transferredx_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1384-1 x_transferredx_refsource_CONFIRM
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/915941 x_transferredx_refsource_CONFIRM

Affected products

OverlayFS

==as used in Ubuntu 10.0.4 LTS and 11.10
==before 3.0.0-16.28

Matching in nixpkgs

pkgs.fuse-overlayfs

FUSE implementation for overlayfs

nixos-unstable 1.16
- nixpkgs-unstable 1.16
- nixos-unstable-small 1.16
nixos-25.11 1.15
- nixos-25.11-small 1.15
- nixpkgs-25.11-darwin 1.15

Package maintainers

@saschagrunert Sascha Grunert <mail@saschagrunert.de>
@sphaugh Sean Haugh <sean@lfo.team>
@vdemeester Vincent Demeester <vincent@sbr.pm>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.fuse-overlayfs

Package maintainers