A double-free flaw in the copy_from_user() function allows an attacker to execute arbitrary code on the system in shiftfs (out-of-tree stacking file system). The attacker can exploit this vulnerability by sending specially crafted ioctls requests to cause kernel memory consumption (denial of service) in the system or execute arbitrary codes.
In the overlayfs stacking file system in the kernel, an authenticated attacker can gain elevated privileges on the system caused by the improper validation of filing capabilities against user namespaces. The attacker can exploit this vulnerability by sending specially crafted requests along with a patch carried in the Ubuntu kernel to gain elevated privileges.
Download the latest patches for Ubuntu and refer to the Ubuntu website for information on upgrades or suggested workarounds at