
Giuseppe Scrivano

#48635 of 53,635
5.1 Total CVSS
Vulnerabilities · 1
PT-2020-5180
5.1
2020-06-02
Linux · Linux Kernel · CVE-2020-16120
**Name of the Vulnerable Software and Affected Versions**

Linux kernel versions 4.19 through 5.7

**Description**

The issue is related to a lack of proper permission checking in overlayfs, allowing an unprivileged user to copy files to a mountpoint they control, potentially accessing files not readable by them. This could be exploited within a user namespace if unprivileged user namespaces are allowed. The problem was introduced in kernel version 4.19 and fixed in kernel version 5.8. There is no estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited.

**Recommendations**

For Linux kernel versions 4.19 through 5.7, update to kernel version 5.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of overlayfs within user namespaces until a patch is available. Avoid using removable devices as mountpoints controlled by unprivileged users in affected kernel versions. At the moment, there is no additional information about other mitigation measures.