CVE-2021-3847

EPSS 0.5%CWE-281

An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system.

Productos afectados

n/a · kernel

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugzilla.redhat.com/show_bug.cgi?id=2009704 https://www.openwall.com/lists/oss-security/2021/10/14/3