VDB
DEBIAN-CVE-2021-3493
DEBIAN-CVE-2021-3493
PUBLISHED
CVSS 7.800000190734863 HIGH
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 0, 0, 0 |
| Debian:12 | linux | 0, 0, 0 |
| Debian:13 | linux | 0, 0, 0 |
| Debian:11 | linux | 0, 0, 0 |
Exploit Intelligence
- fei9747/CVE-2021-3493 (github-poc-repo)
- Exploit For OverlayFS (github-poc-repo)
- smallkill/CVE-2021-3493 (github-poc-repo)
- ptkhai15/OverlayFS---CVE-2021-3493 (github-poc-repo)
- Ubuntu OverlayFS Local Privesc (github-poc-repo)
- Exploit a 2021 Kernel vulnerability in Ubuntu to become root almost instantly! (github-poc-repo)
- Sornphut/OverlayFS---CVE-2021-3493 (github-poc-repo)
- root Privileges (github-poc-repo)
- CVE-2021-3493 OverlayFS privilege escalation exploit framework with advanced red team features. Includes persistence mechanisms, post-exploitation modules, stealth capabilities, and comprehensive documentation. For authorized testing only. (github-poc-repo)
- Type Local Privilege Escalation exploit for CVE-2021-3493(Ubuntu Kernel vulnerability) documrnted during TryHackme Lab (github-poc-repo)
…and 20 more exploits
Timeline
- Apr 17, 2021 CVE Published
- Apr 28, 2026 CVE Updated