CVE-2021-3732 : A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user m

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

Published 2022-03-10 17:42:59

Updated 2022-12-13 19:50:36

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2021-3732

Linux » Linux Kernel
Versions before (<) 5.14
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14
cpe:2.3:o:linux:linux_kernel:5.14:-:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC1
cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC2
cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC3
cpe:2.3:o:linux:linux_kernel:5.14:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC4
cpe:2.3:o:linux:linux_kernel:5.14:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC5
cpe:2.3:o:linux:linux_kernel:5.14:rc5:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-3732

EPSS FAQ

0.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 1 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-3732

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-3732

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: secalert@redhat.com (Secondary)

References for CVE-2021-3732

https://bugzilla.redhat.com/show_bug.cgi?id=1995249

1995249 – (CVE-2021-3732) CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files
Issue Tracking;Patch;Third Party Advisory
https://ubuntu.com/security/CVE-2021-3732

CVE-2021-3732 | Ubuntu
Third Party Advisory
https://github.com/torvalds/linux/commit/427215d85e8d1476da1a86b8d67aceb485eb3631

ovl: prevent private clone if bind mount is not allowed · torvalds/linux@427215d · GitHub
Patch;Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=427215d85e8d1476da1a86b8d67aceb485eb3631

kernel/git/torvalds/linux.git - Linux kernel source tree
Mailing List;Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2021-3732

Products affected by CVE-2021-3732

Exploit prediction scoring system (EPSS) score for CVE-2021-3732

CVSS scores for CVE-2021-3732

CWE ids for CVE-2021-3732

References for CVE-2021-3732