Vulnerability CVE-2021-3847


Published: 2022-04-01   Modified: 2022-04-02

Description:
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system.

 References:
https://www.openwall.com/lists/oss-security/2021/10/14/3
https://bugzilla.redhat.com/show_bug.cgi?id=2009704

Copyright 2026, cxsecurity.com

 

Back to Top