what you don't know can hurt you
Showing 1 - 6 of 6 RSS Feed

CVE-2021-3493

Status Candidate

Overview

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.

Related Files

Ubuntu OverlayFS Local Privilege Escalation
Posted May 31, 2021
Authored by Chris Wild, Sudhanshu Kumar, Rohit Verma

The document in this archive illustrates using the included proof of concept exploit to achieve root on Ubuntu systems using a flaw in the OverlayFS file system. The exploit itself does not have author attribution as the proof of concept came through SSD Disclosures.

tags | exploit, paper, root, proof of concept
systems | linux, ubuntu
advisories | CVE-2021-3493
MD5 | f594195ba35e11d203cb280d4aa0e967
Kernel Live Patch Security Notice LSN-0076-1
Posted May 3, 2021
Authored by Benjamin M. Romer

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | b564ede11c90d1a439897db81efbd24b
Ubuntu Security Notice USN-4916-2
Posted Apr 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-2 - USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability, memory leak
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | 463f8608bb8c56e58878d9bf6dca9de5
Ubuntu Security Notice USN-4917-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4917-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3492, CVE-2021-3493
MD5 | a63c6add6b05cf17bc9226159741c86f
Ubuntu Security Notice USN-4916-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | 51ebf05c69b14b4b5df3a811f767345a
Ubuntu Security Notice USN-4915-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4915-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3492, CVE-2021-3493
MD5 | e276699a6921d022e5692c101be674d3
Page 1 of 1
Back1Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close