CVE-2021-3493

CVE Database · CVE-2021-3493

CVE-2021-3493

· HIGHAnalyzed

CVSS v3.1

8.8

EPSS

43.99%

Published

Apr 17, 2021

Modified

Oct 28, 2025

CISA Known Exploited Vulnerability

Added: 2022-10-20 · Due: 2022-11-10

Apply updates per vendor instructions.

Public PoC / Exploit (9)

All weaponized →

TrickestTrickest PoC index GitHub PoCbriskets/CVE-2021-3493★443 GitHub PoCinspiringz/CVE-2021-3493★42 GitHub PoConeoy/CVE-2021-3493★3 GitHub PoCcerodah/overlayFS-CVE-2021-3493★1 GitHub PoCpuckiestyle/CVE-2021-3493★1 GitHub PoCfei9747/CVE-2021-3493★1 GitHub PoCAbdennour-py/CVE-2021-3493★0 GitHub PoCderek-turing/CVE-2021-3493★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Weaknesses (CWE)

CWE-270CWE-863

Affected Products (3)

canonical · ubuntu_linux (up to 18.04)vulnerable

canonical · ubuntu_linux (up to 20.04)vulnerable

canonical · ubuntu_linux (up to 20.10)vulnerable

References (13)

http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html

Press/Media CoverageThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html

ExploitThird Party AdvisoryVDB Entry

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52

Mailing ListPatch

KEV Catalog EPSS Scores Vendors All CVEs