Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-3493

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-3493

Description:
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Last updated date:
12/16/2021

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
09/06/2022
Reference url to background

https://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linux

Type:
exploit
Confidence:
HIGH
Date of publishing:
04/19/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
04/22/2021
Reference url to background

https://github.com/oneoy/CVE-2021-3493

Type:
exploit
Confidence:
HIGH
Date of publishing:
07/07/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/02/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/16/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/16/2021
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy