CVE-2021-3493
HIGH | CISA KEV | 8.8
Description
The overlayfs implementation in the Linux kernel did not properly validate, with respect to user namespaces, the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
CVE Details
CVSS v3.1 score: 8.8
Severity: HIGH
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack vector: LOCAL
Complexity: LOW
Privileges required: LOW
User interaction: NONE
Published: 4/17/2021
Last modified: 10/28/2025
Source: kev
Honeypot observations: 0
CISA KEV
Vendor: Linux
Product: Kernel
Vulnerability name: Linux Kernel Privilege Escalation Vulnerability
Date added to KEV: 2022-10-20
Remediation due date: 2022-11-10
Used in ransomware: Unknown
Affected products
canonical:ubuntu_linux
Weaknesses (CWE)
CWE-270, CWE-863
References
http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html (security@ubuntu.com)
http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html (security@ubuntu.com)
http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html (security@ubuntu.com)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52 (security@ubuntu.com)
https://ubuntu.com/security/notices/USN-4917-1 (security@ubuntu.com)
https://www.openwall.com/lists/oss-security/2021/04/16/1 (security@ubuntu.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3493 (134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.