CVE-2016-1585
Publication date 22 April 2019
Last updated 24 July 2024
Ubuntu priority
In all versions of AppArmor mount rules are accidentally widened when compiled.
From the Ubuntu Security Team
It was discovered that the AppArmor policy compiler incorrectly generated looser restrictions than expected for rules allowing mount operations. A local attacker could possibly use this to bypass AppArmor restrictions in applications where some mount operations were permitted.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| apparmor | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Vulnerable
|
|
| 20.04 LTS focal |
Vulnerable
|
|
| 18.04 LTS bionic |
Vulnerable
|
|
| 16.04 LTS xenial |
Needs evaluation
|
|
| 14.04 LTS trusty |
Needs evaluation
|
|
Notes
sbeattie
apparmor policies that do not grant the ability to perform any mount permissions are not affected.
alexmurray
Original fix introduced a regression, requiring the fix from https://gitlab.com/apparmor/apparmor/-/merge_requests/1048 as well
sbeattie
additional regression fix in https://gitlab.com/apparmor/apparmor/-/merge_requests/1054
Patch details
| Package | Patch details |
|---|---|
| apparmor |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
9.8 · Critical
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |