CVE-2021-3493

Published: Apr 17, 2021Modified: Oct 28, 2025CISA KEV

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.

Affected (3)

Products: Canonical: Ubuntu Linux

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Before 18.04
Canonical Ubuntu Linux	From 18.04.1 to 20.04

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Before 20.10

Related CWEs

Privilege Context Switching Error

The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (13)

http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html

Source: security@ubuntu.com

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html

Source: security@ubuntu.com

Press/Media CoverageThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html

Source: security@ubuntu.com

ExploitThird Party AdvisoryVDB Entry

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52

Source: security@ubuntu.com

Mailing ListPatchThird Party Advisory

https://ubuntu.com/security/notices/USN-4917-1

Source: security@ubuntu.com

Vendor Advisory

https://www.openwall.com/lists/oss-security/2021/04/16/1

Source: security@ubuntu.com

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html

Source: af854a3a-2127-422b-91ae-364da2661108

Press/Media CoverageThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

https://ubuntu.com/security/notices/USN-4917-1

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.openwall.com/lists/oss-security/2021/04/16/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3493

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.