Skip to content
/ CVE-2021-3493 Public

CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)

37 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

inspiringz/CVE-2021-3493

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
images
images
 
 
README.md
README.md
 
 
exploit
exploit
 
 
exploit.c
exploit.c
 
 

Repository files navigation

CVE-2021-3493

sample

Ubuntu OverlayFS Local Privesc

Description

"Ubuntu specific issue in the overlayfs file system in the Linux kernel where it did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges, due to a patch carried in Ubuntu to allow unprivileged overlayfs mounts." - Ubuntu Security

Fixed in Linux 5.11

Affected Versions

  • Ubuntu 20.10
  • Ubuntu 20.04 LTS
  • Ubuntu 19.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM

checklist: https://ubuntu.com/security/CVE-2021-3493

Usage

  • gcc exploit.c -o exploit
  • chmod +x exploit
  • ./exploit shell|command

References

About

CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)

Topics

linux ubuntu exploit privesc cve-2021-3493

Resources

Readme
Activity

Stars

37 stars

Watchers

1 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages