CVE-2021-3493
UBUNTU OVERLAYFS LOCAL PRIVIESC
Find out how a vulnerability in OverlayFS allows local users under Ubuntu to gain root privileges.
Vulnerability Summary
An Ubuntu specific issue in the overlayfs file system in the Linux kernel where it did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges, due to a patch carried in Ubuntu to allow unprivileged overlayfs mounts.
CVE
CVE-2021-3493
Credit
An independent security researcher has reported this vulnerability to the SSD Secure Disclosure program.
Affected Versions
*Ubuntu 20.10
*Ubuntu 20.04 LTS
*Ubuntu 18.04 LTS
*Ubuntu 16.04 LTS
*Ubuntu 14.04 ESM