← Volver a CVEs
CVE-2021-3493
HIGHCISA KEV8.8
Descripcion
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Detalles CVE
Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado4/17/2021
Ultima modificacion10/28/2025
Fuentekev
Avistamientos honeypot0
CISA KEV
VendedorLinux
ProductoKernel
Nombre vulnerabilidadLinux Kernel Privilege Escalation Vulnerability
Fecha inclusion KEV2022-10-20
Fecha limite remediacion2022-11-10
Uso en ransomwareUnknown
Productos afectados
canonical:ubuntu_linux
Debilidades (CWE)
CWE-270CWE-863
Referencias
http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html(security@ubuntu.com)
http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html(security@ubuntu.com)
http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html(security@ubuntu.com)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52(security@ubuntu.com)
https://ubuntu.com/security/notices/USN-4917-1(security@ubuntu.com)
https://www.openwall.com/lists/oss-security/2021/04/16/1(security@ubuntu.com)
http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52(af854a3a-2127-422b-91ae-364da2661108)
https://ubuntu.com/security/notices/USN-4917-1(af854a3a-2127-422b-91ae-364da2661108)
https://www.openwall.com/lists/oss-security/2021/04/16/1(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3493(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.