
Alexandre Oliva

#39502 of 53,632
6.9 Total CVSS
Vulnerabilities · 1
PT-2014-9016
6.9
2014-12-31
Linux · Linux Kernel · CVE-2014-9710
**Name of the Vulnerable Software and Affected Versions**

Linux kernel versions prior to 3.19

**Description**

The issue allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations. This can occur in two scenarios: (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit. The estimated number of potentially affected devices worldwide is not specified.

**Recommendations**

For Linux kernel versions prior to 3.19, update to version 3.19 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive filesystem operations to minimize the risk of exploitation.