A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Link | Tags |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2013242 | third party advisory issue tracking |
https://lore.kernel.org/all/20211011134508.748956131%40linuxfoundation.org/ | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | third party advisory mailing list |
https://www.debian.org/security/2022/dsa-5096 | third party advisory vendor advisory |