{"api_version":"1","generated_at":"2026-04-23T05:14:40+00:00","cve":"CVE-2021-3493","urls":{"html":"https://cve.report/CVE-2021-3493","api":"https://cve.report/api/cve/CVE-2021-3493.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-3493","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-3493"},"summary":{"title":"CVE-2021-3493","description":"The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.","state":"PUBLIC","assigner":"security@ubuntu.com","published_at":"2021-04-17 05:15:00","updated_at":"2023-07-07 19:10:00"},"problem_types":["CWE-863"],"metrics":[],"references":[{"url":"http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html","refsource":"MISC","tags":[],"title":"Ubuntu Overlayfs Local Privilege Escalation ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.openwall.com/lists/oss-security/2021/04/16/1","name":"https://www.openwall.com/lists/oss-security/2021/04/16/1","refsource":"MISC","tags":[],"title":"oss-security - [CVE-2021-3493] Ubuntu Linux kernel overlayfs fs caps privilege\n escalation","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52","refsource":"MISC","tags":[],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html","refsource":"MISC","tags":[],"title":"Ubuntu OverlayFS Local Privilege Escalation ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html","name":"http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html","refsource":"MISC","tags":[],"title":"Kernel Live Patch Security Notice LSN-0076-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://ubuntu.com/security/notices/USN-4917-1","name":"https://ubuntu.com/security/notices/USN-4917-1","refsource":"MISC","tags":[],"title":"USN-4917-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-3493","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3493","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"An independent security researcher reporting to the SSD Secure Disclosure program","lang":""}],"nvd_cpes":[{"cve_year":"2021","cve_id":"3493","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3493","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2021","cve_id":"3493","cve":"CVE-2021-3493","vendorProject":"Linux","product":"Kernel","vulnerabilityName":"Linux Kernel Privilege Escalation Vulnerability","dateAdded":"2022-10-20","shortDescription":"The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-11-10","knownRansomwareCampaignUse":"Unknown","notes":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52; https://nvd.nist.gov/vuln/detail/CVE-2021-3493","cwes":"CWE-862","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2021","cve_id":"3493","cve":"CVE-2021-3493","epss":"0.752420000","percentile":"0.988900000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:16"},"legacy_qids":[{"cve":"CVE-2021-3493","qid":"180539","title":"Debian Security Update for linux (CVE-2021-3493)"},{"cve":"CVE-2021-3493","qid":"198331","title":"Ubuntu Security Notification for Linux kernel (OEM) vulnerabilities (USN-4915-1)"},{"cve":"CVE-2021-3493","qid":"198332","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4916-1)"},{"cve":"CVE-2021-3493","qid":"198333","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4917-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@ubuntu.com","DATE_PUBLIC":"2021-04-15T00:00:00.000Z","ID":"CVE-2021-3493","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"linux kernel","version":{"version_data":[{"version_affected":"<","version_name":"5.8 kernel","version_value":"5.8.0-50.56 "},{"version_affected":"<","version_name":"5.4 kernel","version_value":" 5.4.0-72.80 "},{"version_affected":"<","version_name":"4.15 kernel","version_value":"4.15.0-142.146 "},{"version_affected":"<","version_name":"4.4 kernel","version_value":" 4.4.0-209.241"}]}}]},"vendor_name":"Ubuntu"}]}},"credit":[{"lang":"eng","value":"An independent security researcher reporting to the SSD Secure Disclosure program"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-270: Privilege Context Switching Error"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://ubuntu.com/security/notices/USN-4917-1","name":"https://ubuntu.com/security/notices/USN-4917-1"},{"refsource":"MISC","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52"},{"refsource":"MISC","url":"https://www.openwall.com/lists/oss-security/2021/04/16/1","name":"https://www.openwall.com/lists/oss-security/2021/04/16/1"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html","url":"http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html","url":"http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html","url":"http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html"}]},"solution":[{"lang":"eng","value":"Apply https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52"}],"source":{"discovery":"EXTERNAL"},"work_around":[{"lang":"eng","value":"Disable unprivileged user namespaces."}]},"nvd":{"publishedDate":"2021-04-17 05:15:00","lastModifiedDate":"2023-07-07 19:10:00","problem_types":["CWE-863"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:lts:*:*:*","versionStartIncluding":"18.04.1","versionEndExcluding":"20.04","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:lts:*:*:*","versionEndExcluding":"18.04","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:-:*:*:*","versionEndExcluding":"20.10","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"3493","Ordinal":"205763","Title":"CVE-2021-3493","CVE":"CVE-2021-3493","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"3493","Ordinal":"1","NoteData":"The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"3493","Ordinal":"2","NoteData":"2021-04-17","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"3493","Ordinal":"3","NoteData":"2021-12-03","Type":"Other","Title":"Modified"}]}}}