The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Published 2021-04-17 05:15:15
Updated 2023-07-07 19:10:37
View at NVD,   CVE.org

Products affected by CVE-2021-3493

CVE-2021-3493 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Linux Kernel Privilege Escalation Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.
Notes:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52; https://nvd.nist.gov/vuln/detail/CVE-2021-3493
Added on 2022-10-20 Action due date 2022-11-10

Exploit prediction scoring system (EPSS) score for CVE-2021-3493

0.83%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2021-3493

  • 2021 Ubuntu Overlayfs LPE
    Disclosure Date: 2021-04-12
    First seen: 2022-12-23
    exploit/linux/local/cve_2021_3493_overlayfs
    This module exploits a vulnerability in Ubuntu's implementation of overlayfs. The vulnerability is the result of failing to verify the ability of a user to set the attributes in a running executable. Specifically, when Overlayfs sends the set attributes data

CVSS scores for CVE-2021-3493

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.2
HIGH AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
NIST
7.8
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.8
5.9
NIST
8.8
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2.0
6.0
Canonical Ltd.

CWE ids for CVE-2021-3493

  • The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
    Assigned by: nvd@nist.gov (Primary)
  • The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.
    Assigned by: security@ubuntu.com (Secondary)
  • The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-3493

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!