logo
Home/CVEs/CVE-2021-3493/

CVE-2021-3493 - Linux Kernel Privilege Escalation Vulnerability

Project:Linux

Product:Kernel

Date Added:2022-10-20Due Date:2022-11-10

Vulnerability Name

Linux Kernel Privilege Escalation Vulnerability

Description

The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52

https://nvd.nist.gov/vuln/detail/CVE-2021-3493