Bug#1012547: linux: disable user namespaces per default
- To: 1012547@bugs.debian.org
- Subject: Bug#1012547: linux: disable user namespaces per default
- From: Philippe Cerfon <philcerf@gmail.com>
- Date: Mon, 8 Aug 2022 15:47:48 +0200
- Message-id: <CAN+za=NEgsd2EAbAAXtFeeGgAHQWvUBOUN0KfOGdjYaPDtmuvA@mail.gmail.com>
- Reply-to: Philippe Cerfon <philcerf@gmail.com>, 1012547@bugs.debian.org
- In-reply-to: <CAN+za=OtKtNx6g-vJvy89Srr+6WMXW8_SC9EnSvGD-XaSXMLuw@mail.gmail.com>
- References: <CAN+za=PUa6Pfem-HTmMH_MPNjtrq8VArcBdqtPfY=ey8FEUFsw@mail.gmail.com> <7a24cbe33311058a9ded501818402e015990ba94.camel@decadent.org.uk> <CAN+za=PSkriYG9FcWCwX88k7_ih13oTaQpUbAeJMGAtMb5=7KQ@mail.gmail.com> <CAN+za=OtKtNx6g-vJvy89Srr+6WMXW8_SC9EnSvGD-XaSXMLuw@mail.gmail.com> <CAN+za=PUa6Pfem-HTmMH_MPNjtrq8VArcBdqtPfY=ey8FEUFsw@mail.gmail.com>
Apparently it's already Christmas:
The next two holes that likely allow privilege escalation and that
would have been mitigated by unprivileged user namespaces being
disabled:
CVE-2022-1015, CVE-2022-1016
Cheers,
Philippe