⚠ Actively exploited
Added to CISA KEV on 2022-10-20. Federal agencies required to patch by 2022-11-10. Required action: Apply updates per vendor instructions..
CVE-2021-3493 — Privilege Context Switching Error in Linux Kernel
Severity
7.8HIGHNVD
CNA8.8VulnCheck8.8
EPSS
76.4%
top 1.06%
CISA KEV
KEV
Added 2022-10-20
Due 2022-11-10
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedApr 17
KEV addedOct 20
KEV dueNov 10
CISA Required Action: Apply updates per vendor instructions.
Description
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages4 packages
Patches
🔴Vulnerability Details
9GHSA▶
GHSA-2fj2-4h38-3c72: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i↗2022-05-24
OSV▶
linux, linux-aws, linux-gke-5.3, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem-5.6, linux-raspi2, linux-raspi2-5.3, linux-snapdragon regression↗2021-04-22
OSV▶
CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i↗2021-04-17
CVEList▶
CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i↗2021-04-17