CVE-2021-3493 - Linux Kernel Privilege Escalation Vulnerability
Project:Linux
Product:Kernel
Date Added:2022-10-20Due Date:2022-11-10
Vulnerability Name
Linux Kernel Privilege Escalation Vulnerability
Description
The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52
https://nvd.nist.gov/vuln/detail/CVE-2021-3493