Unrated severityCISA KEVNVD Advisory· Published Apr 17, 2021· Updated Oct 21, 2025
CVE-2021-3493
CVE-2021-3493
Description
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 5.8 kernel
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.htmlmitrex_refsource_MISC
- packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.htmlmitrex_refsource_MISC
- packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.htmlmitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mitrex_refsource_MISC
- ubuntu.com/security/notices/USN-4917-1mitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2021/04/16/1mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.