CVE-2020-16120 log

Source
Severity Medium
Remote No
Type Privilege escalation
Description
Giuseppe Scrivano discovered that overlayfs did not properly perform permission checking when copying up files in an overlayfs, and can be exploited from within a user namespace, if, for example, unprivileged user namespaces are allowed.
An attacker can abuse this to get read access to files on the system that they would not normally be permitted to access.
Group Package Affected Fixed Severity Status Ticket
AVG-1242 linux 5.7.12.arch1-1 5.8.arch1-1 Medium Fixed
References
https://www.openwall.com/lists/oss-security/2020/10/13/6
Notes
Mitigation on systems where unprivileged user namespaces are enabled
but not needed is to set the kernel.unprivileged_userns_clone sysctl
to 0. e.g.:

  $ sudo sysctl kernel.unprivileged_userns_clone=0

and across reboots by adding a file in /etc/sysctl.d/ that contains:

  kernel.unprivileged_userns_clone=0