CVE-2021-3493
published 2021-04-17CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an…
PriorityP184high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-11-10
Exploited in the wild
EPSS
43.99%
98.6th percentile
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | < 18.04 | 18.04 |
| canonical | ubuntu_linux | < 20.10 | 20.10 |
| canonical | ubuntu_linux | >= 18.04.1 < 20.04 | 20.04 |
| debian | linux | < linux 5.10.38-1 (bookworm) | linux 5.10.38-1 (bookworm) |
| linux | linux_kernel | >= 0 < 5.10.38-1 | 5.10.38-1 |
| linux | linux_kernel | >= 0 < 5.10.38-1 | 5.10.38-1 |
| linux | linux_kernel | >= 0 < 5.10.38-1 | 5.10.38-1 |
| linux | linux_kernel | >= 0 < 5.10.38-1 | 5.10.38-1 |
| linux | linux_kernel | >= 0 < 4.4.0-210.242 | 4.4.0-210.242 |
| linux | linux_kernel | >= 0 < 4.4.0-209.241 | 4.4.0-209.241 |
| linux | linux_kernel | >= 0 < 4.15.0-142.146 | 4.15.0-142.146 |
| linux | linux_kernel | >= 0 < 5.4.0-72.80 | 5.4.0-72.80 |
| linux | linux_kernel | >= 0 < 4.4.0-209.241 | 4.4.0-209.241 |
| linux | linux_kernel | >= 0 < 4.15.0-142.146 | 4.15.0-142.146 |
| linux | linux_kernel | >= 0 < 5.4.0-72.80 | 5.4.0-72.80 |
| ubuntu | linux_kernel | >= 4.15 kernel < 4.15.0-142.146 | 4.15.0-142.146 |
| ubuntu | linux_kernel | >= 4.4 kernel < 4.4.0-209.241 | 4.4.0-209.241 |
| ubuntu | linux_kernel | >= 5.4 kernel < 5.4.0-72.80 | 5.4.0-72.80 |
| ubuntu | linux_kernel | >= 5.8 kernel < 5.8.0-50.56 | 5.8.0-50.56 |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for unprivileged user namespace creation combined with overlayfs mount attempts, which is the prerequisite condition for exploiting this vulnerability. ↗
- →Detect calls to vfs_setxattr / ovl_do_setxattr from unprivileged processes setting file capabilities (xattrs) on overlayfs-mounted files, bypassing cap_convert_nscap verification. ↗
- →Alert on writing setuid capabilities to a file via overlayfs upper directory, which is the exploitation primitive used to achieve root access. ↗
- →Monitor for local privilege escalation via overlayfs on Ubuntu kernels; the exploit is delivered as a local exploit module targeting Linux systems. ↗
- ·This vulnerability is Ubuntu-specific; all Red Hat Enterprise Linux versions (5, 6, 7, 8, 9) are listed as Not Affected because they do not carry the Ubuntu patch enabling unprivileged overlay mounts. ↗
- ·The vulnerability requires the Ubuntu-specific kernel patch that allows unprivileged overlay mounts; without that patch the overlayfs capability bypass is not reachable by an unprivileged user. ↗
- ·The GameOver(lay) module (gameoverlay_privesc.rb) targets a related but distinct code path introduced as a mitigation for CVE-2021-3493, where __vfs_setxattr_noperm is called without the intermediate safety function vfs_setxattr. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vulncheck8.8HIGH
cisa7.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
vendor_ubuntu8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA
Linux Kernel Privilege Escalation Vulnerability
cisa·2022-10-20·CVSS 7.8
CVE-2021-3493 [HIGH] CWE-862 Linux Kernel Privilege Escalation Vulnerability
Vulnerability: Linux Kernel Privilege Escalation Vulnerability
Affected: Linux Kernel
The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.
Required Action: Apply updates per vendor instructions.
Notes: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52; https://nvd.nist.gov/vuln/detail/CVE-2021-3493
Remediation Due Date: 2022-11-10
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2021-05-03·CVSS 7.8
CVE-2021-29154 [HIGH] Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges.(CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.(CVE-2021-29154)
Ubuntu
Linux kernel regression
vendor_ubuntu·2021-04-22·CVSS 7.8
CVE-2021-3493 [HIGH] Linux kernel regression
Title: Linux kernel regression
Summary: USN-4916-1 introduced a regression in the Linux kernel.
USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately,
the fix for CVE-2021-3493 introduced a memory leak in some situations.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial o
Red Hat
kernel: overlayfs file system caps privilege escalation
vendor_redhat·2021-04-16·CVSS 8.8
CVE-2021-3493 [HIGH] CWE-552 kernel: overlayfs file system caps privilege escalation
kernel: overlayfs file system caps privilege escalation
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
A flaw was found in the Linux kernel. The overlayfs stacking file system does not properly validate the application of file capabilities against user namespaces. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Package: kernel (Red Hat Enterprise Linux 5) - Not affected
Package: kernel (Red Hat E
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2021-04-15·CVSS 8.8
CVE-2021-3493 [HIGH] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux
kernel did not properly handle faults in copy_from_user() when passing
through ioctls to an underlying file system. A local attacker could use
this to cause a denial of service (memory exhaustion) or execute arbitrary
code. (CVE-2021-3492)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTIO
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2021-04-15·CVSS 7.8
CVE-2021-3493 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI ch
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2021-04-15·CVSS 7.8
CVE-2021-3492 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux
kernel did not properly handle faults in copy_from_user() when passing
through ioctls to an underlying file system. A local attacker could use
this to cause a denial of service (memory exhaustion) or execute arbitrary
code. (CVE-2021-3492)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch d
Debian
CVE-2021-3493: linux - The overlayfs implementation in the linux kernel did not properly validate with ...
vendor_debian·2021·CVSS 8.8
CVE-2021-3493 [HIGH] CVE-2021-3493: linux - The overlayfs implementation in the linux kernel did not properly validate with ...
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Scope: local
bookworm: resolved (fixed in 5.10.38-1)
bullseye: resolved (fixed in 5.10.38-1)
forky: resolved (fixed in 5.10.38-1)
sid: resolved (fixed in 5.10.38-1)
trixie: resolved (fixed in 5.10.38-1)
GHSA
GHSA-2fj2-4h38-3c72: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i
ghsa_unreviewed·2022-05-24
CVE-2021-3493 [HIGH] CWE-269 GHSA-2fj2-4h38-3c72: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
OSV
Kernel Live Patch Security Notice
osv·2021-05-03·CVSS 7.8
CVE-2021-3493 [HIGH] Kernel Live Patch Security Notice
Kernel Live Patch Security Notice
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges.(CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.(CVE-2021-29154)
OSV
linux, linux-aws, linux-gke-5.3, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem-5.6, linux-raspi2, linux-raspi2-5.3, linux-snapdragon regression
osv·2021-04-22·CVSS 7.8
CVE-2021-3493 [HIGH] linux, linux-aws, linux-gke-5.3, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem-5.6, linux-raspi2, linux-raspi2-5.3, linux-snapdragon regression
linux, linux-aws, linux-gke-5.3, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem-5.6, linux-raspi2, linux-raspi2-5.3, linux-snapdragon regression
USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately,
the fix for CVE-2021-3493 introduced a memory leak in some situations.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations.
OSV
CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i
osv·2021-04-17·CVSS 7.8
CVE-2021-3493 [HIGH] CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files i
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
OSV
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm,
osv·2021-04-15·CVSS 7.8
[HIGH] linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm,
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3 vulnerabilities
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux
kernel did not properly handle faults in copy_from_user() when passing
through ioctls to an underlying file system. A local attacker could use
this to cause a
OSV
linux-oem-5.6 vulnerabilities
osv·2021-04-15·CVSS 7.8
CVE-2021-3493 [HIGH] linux-oem-5.6 vulnerabilities
linux-oem-5.6 vulnerabilities
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux
kernel did not properly handle faults in copy_from_user() when passing
through ioctls to an underlying file system. A local attacker could use
this to cause a denial of service (memory exhaustion) or execute arbitrary
code. (CVE-2021-3492)
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon vulnerab
osv·2021-04-15·CVSS 7.8
CVE-2021-3493 [HIGH] linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon vulnerab
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
VulnCheck
Linux Kernel Privilege Escalation Vulnerability
vulncheck·2021·CVSS 8.8
CVE-2021-3493 [HIGH] CWE-862 Linux Kernel Privilege Escalation Vulnerability
Linux Kernel Privilege Escalation Vulnerability
The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.
Affected: Linux Kernel
Required Action: Apply updates per vendor instructions.
Exploitation References: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Exploit PoC: https://vulncheck.com/xdb/80b50ee28342; https://vulncheck.com/xdb/260ad0a548b5; https://vulncheck.com/xdb/8bc3c24df427; https://vulncheck.com/xdb/c90d13040f2a; https://vulncheck.com/xdb/76f421f52f8f
Remediation Due: 2022-11-10
No detection rules found.
Metasploit
2021 Ubuntu Overlayfs LPE
metasploit
2021 Ubuntu Overlayfs LPE
2021 Ubuntu Overlayfs LPE
This module exploits a vulnerability in Ubuntu's implementation of overlayfs. The vulnerability is the result of failing to verify the ability of a user to set the attributes in a running executable. Specifically, when Overlayfs sends the set attributes data to the underlying file system via `vfs_setxattr`, it fails to first verify the data by calling `cap_convert_nscap`. This vulnerability was patched by moving the call to `cap_convert_nscap` into the `vfs_setxattr` function that sets the attribute, forcing verification every time the `vfs_setxattr` is called rather than trusting the data was already verified.
Metasploit
GameOver(lay) Privilege Escalation and Container Escape
metasploit·CVSS 7.8
CVE-2021-3493 [HIGH] GameOver(lay) Privilege Escalation and Container Escape
GameOver(lay) Privilege Escalation and Container Escape
This module exploits the use of unsafe functions in a number of Ubuntu kernels utilizing vunerable versions of overlayfs. To mitigate CVE-2021-3493 the Linux kernel added a call to vfs_setxattr during ovl_do_setxattr. Due to independent changes to the kernel by the Ubuntu development team __vfs_setxattr_noperm is called during ovl_do_setxattr without calling the intermediate safety function vfs_setxattr. Ultimatly this module allows for root access to be achieved by writing setuid capabilities to a file which are not sanitized after being unioned with the upper mounted directory.
Wiz
GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads | Wiz Blog
blogs_wiz·2023-07-27·CVSS 7.8
CVE-2023-2640 [HIGH] GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads | Wiz Blog
CVE-2023-2640 and CVE-2023-32629 were found in the OverlayFS module in Ubuntu, which is a widely used Linux filesystem that became highly popular with the rise of containers as its features enable the deployment of dynamic filesystems based on pre-built images. OverlayFS serves as an attractive attack surface as it has a history of numerous logical vulnerabilities that were easy to exploit. This makes the new discovered vulnerabilities especially risky given the exploits for the past OverlayFS vulnerabilities work out of the box without any changes.
The two vulnerabilities are exclusive to Ubuntu because Ubuntu introduced several changes to the OverlayFS module in 2018. These modifications did not pose any risks at the time. In 2020, a security vulnerability was discovered and patched in
Wiz
GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads | Wiz Blog
blogs_wiz·2023-07-27·CVSS 7.8
CVE-2023-2640 [HIGH] GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads | Wiz Blog
CVE-2023-2640 and CVE-2023-32629 were found in the OverlayFS module in Ubuntu, which is a widely used Linux filesystem that became highly popular with the rise of containers as its features enable the deployment of dynamic filesystems based on pre-built images. OverlayFS serves as an attractive attack surface as it has a history of numerous logical vulnerabilities that were easy to exploit. This makes the new discovered vulnerabilities especially risky given the exploits for the past OverlayFS vulnerabilities work out of the box without any changes.
The two vulnerabilities are exclusive to Ubuntu because Ubuntu introduced several changes to the OverlayFS module in 2018. These modifications did not pose any risks at the time. In 2020, a security vulnerability was discovered and patched in
arXiv
From Sands to Mansions: Towards Automated Cyberattack Emulation with Classical Planning and Large Language Models
arxiv_fulltext·2026-02-05
From Sands to Mansions: Towards Automated Cyberattack Emulation with Classical Planning and Large Language Models
From Sands to Mansions: Actionable, Customizable and Causality-Preserving Cyberattack Emulation with LLM-powered Symbolic Planning
Cyberattack Emulation with LLM-powered Symbolic Planning
Lingzhi Wang1
Zhenyuan LI2
Yi Jiang2
Zhengkai Wang2
Xiangmin Shen3
Wei Ruan2
Yan Chen1
L. Wang et al.
Northwestern University, Evanston, IL 60208, USA
[email protected]
[email protected]
Zhejiang University, Hangzhou, Zhejiang 310027, China
\lizhenyuan,22421062,22451237,ruanwei\@zju.edu.cn
Hofstra University, Hempstead, NY 11549, USA
[email protected]
## Abstract
Evolving attacker capabilities demand realistic and continuously updated cyberattack emulation for threat-informed defense and security benchmarking.
Towards automated attack emulation, this paper defines m
arXiv
Intell-dragonfly: A Cybersecurity Attack Surface Generation Engine Based On Artificial Intelligence-generated Content Technology
arxiv_fulltext·2023-11-01
Intell-dragonfly: A Cybersecurity Attack Surface Generation Engine Based On Artificial Intelligence-generated Content Technology
Intell-dragonfly: A Cybersecurity Attack Surface Generation Engine Based On Artificial Intelligence-generated Content Technology
Xingchen Wu1,3
Qin Qiu2
Jiaqi Li1,3
Yang Zhao1, 4,Corresponding author
Xingchen Wu et al.
Intell-dragonfly
School of Cyber Security, University of Chinese Academy of Sciences
China Mobile Communications Group Co., Ltd., Beijing 100053, China
Institute of Information Engineering Chinese Academy of Sciences, Beijing, China
Institute of Information Engineering Chinese Academy of Sciences, Beijing, China
[email protected]
## Abstract
With the rapid development of the Internet, cyber security issues have become increasingly prominent. Traditional cyber security defense methods are limited in the face of ever-changing threats, so it is critical to seek innovat
http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.htmlhttp://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.htmlhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52https://ubuntu.com/security/notices/USN-4917-1https://www.openwall.com/lists/oss-security/2021/04/16/1http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.htmlhttp://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.htmlhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52https://ubuntu.com/security/notices/USN-4917-1https://www.openwall.com/lists/oss-security/2021/04/16/1https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3493
2021-04-17
Published
2022-10-20
Added to CISA KEV
Exploited in the wild