CVE-2018-16597

Impact:
Moderate
Public Date:
2018-09-18
CWE:
CWE-862
Bugzilla:
1632443: CVE-2018-16597 kernel: overlayfs file truncation without permissions
An issue was discovered in the Linux kernel where an incorrect access check in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

Find out more about CVE-2018-16597 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 5.3
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity Impact Low
Availability Impact Low

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (kernel) RHSA-2016:2574 2016-11-03

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 kernel-rt Not affected
Red Hat Enterprise Linux 8 kernel Not affected
Red Hat Enterprise Linux 8 kernel-rt Not affected
Red Hat Enterprise Linux 7 kernel-alt Not affected
Red Hat Enterprise Linux 7 kernel-rt Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected
Last Modified