CVE-2021-3493
8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ubuntu | linux kernel | 5.8 kernel < 5.8.0-50.56 | affected |
| Ubuntu | linux kernel | 5.4 kernel < 5.4.0-72.80 | affected |
| Ubuntu | linux kernel | 4.15 kernel < 4.15.0-142.146 | affected |
| Ubuntu | linux kernel | 4.4 kernel < 4.4.0-209.241 | affected |
Weaknesses
- CWE-270: CWE-270: Privilege Context Switching Error
Workarounds
Disable unprivileged user namespaces.
ADP Enrichment
CVE Program Container
Additional References
- https://ubuntu.com/security/notices/USN-4917-1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52
- https://www.openwall.com/lists/oss-security/2021/04/16/1
- http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html
- http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: total
Additional References
References
- https://ubuntu.com/security/notices/USN-4917-1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52
- https://www.openwall.com/lists/oss-security/2021/04/16/1
- http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html
- http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.