COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-3493

CVE-2021-3493

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-10-20
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-3493
⌖ exploited in the wild shame 50/100 exploited-in-wild

The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.

Players implicated

linux · vendorKernel · product

Description

The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.