It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges.(CVE-2021-3493)

Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.(CVE-2021-29154)

References

ubuntu.com/security/CVE-2021-29154

ubuntu.com/security/CVE-2021-3493

nessus 67

osv 10

openvas 41

cloudfoundry 1

ubuntu 5

f5 2

prion 2

veracode 2

githubexploit 10

packetstorm 1

metasploit 1

ubuntucve 2

redhatcve 2

attackerkb 1

rapid7blog 1

cisa_kev 1

debiancve 2

seebug 1

cve 2

photon 8

cbl_mariner 2

malwarebytes 1

thn 2

fedora 1

redhat 8

oraclelinux 6

centos 1

mageia 2

suse 4

amazon 2

ibm 2

debian 2

slackware 1

rocky 2

almalinux 1

nessus

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4916-1)

2021-04-16 00:00:00

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4917-1)

2021-04-16 00:00:00

Photon OS 4.0: Linux PHSA-2021-4.0-0011

2021-04-20 00:00:00

osv

linux, linux-aws, linux-gke-5.3, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem-5.6, linux-raspi2, linux-raspi2-5.3, linux-snapdragon regression

2021-04-22 03:59:34

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

2021-04-15 23:26:22

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3 vulnerabilities

2021-04-15 23:35:11

openvas

Ubuntu: Security Advisory (USN-4916-2)

2021-04-22 00:00:00

Ubuntu: Security Advisory (USN-4916-1)

2021-04-16 00:00:00

Ubuntu: Security Advisory (USN-4917-1)

2021-04-16 00:00:00

cloudfoundry

USN-4916-1: Linux kernel vulnerabilities | Cloud Foundry

2021-04-29 00:00:00

ubuntu

Linux kernel vulnerabilities

2021-04-15 00:00:00

Linux kernel regression

2021-04-22 00:00:00

Linux kernel vulnerabilities

2021-04-15 00:00:00

K54635192 : Linux kernel overlayfs vulnerability CVE-2021-3493

2021-06-04 00:00:00

K72118410 : Linux kernel vulnerability CVE-2021-29154

2021-06-18 00:00:00

prion

Design/Logic Flaw

2021-04-17 05:15:00

Design/Logic Flaw

2021-04-08 21:15:00

veracode

Privilege Escalation

2021-08-12 15:38:55

Remote Code Execution (RCE)

2021-09-02 00:39:39

githubexploit

Exploit for Incorrect Authorization in Canonical Ubuntu Linux

2022-10-02 19:44:45

Exploit for Improper Privilege Management in Canonical Ubuntu Linux

2021-04-22 02:06:21

Exploit for Incorrect Authorization in Canonical Ubuntu Linux

2022-11-29 12:56:00

packetstorm

Ubuntu Overlayfs Local Privilege Escalation

2021-12-03 00:00:00

metasploit

2021 Ubuntu Overlayfs LPE

2021-12-01 20:54:47

ubuntucve

CVE-2021-3493

2021-04-15 00:00:00

CVE-2021-29154

2021-04-08 00:00:00

redhatcve

CVE-2021-3493

2021-04-16 19:11:59

CVE-2021-29154

2021-04-08 20:52:11

attackerkb

CVE-2021-3493

2021-04-15 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-12-03 21:03:18

cisa_kev

Linux Kernel Privilege Escalation Vulnerability

2022-10-20 00:00:00

debiancve

CVE-2021-3493

2021-04-17 05:15:00

CVE-2021-29154

2021-04-08 21:15:00

seebug

ubuntu特权提升漏洞（CVE-2021-3493）

2021-04-20 00:00:00

cve

CVE-2021-3493

2021-04-17 05:15:00

CVE-2021-29154

2021-04-08 21:15:00

photon

Important Photon OS Security Update - PHSA-2021-0011

2021-04-20 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0382

2021-04-19 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0340

2021-04-28 00:00:00

cbl_mariner

CVE-2021-29154 affecting package kernel 5.10.167.1-1

2021-09-09 15:03:26

CVE-2021-29154 affecting package kernel 5.10.78.1-1

2022-04-09 06:52:47

malwarebytes

Evasive Shikitega Linux malware drops Monero cryptominer

2022-09-07 22:45:00

thn

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

2022-09-07 12:38:00

GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

2023-07-27 13:25:00

fedora

[SECURITY] Fedora 33 Update: kernel-5.11.13-200.fc33

2021-04-14 14:43:50

redhat

(RHSA-2021:3328) Important: kernel-rt security and bug fix update

2021-08-31 07:45:27

(RHSA-2021:3327) Important: kernel security and bug fix update

2021-08-31 07:45:12

(RHSA-2021:3653) Important: Red Hat Advanced Cluster Management 2.1.11 security fix and container updates

2021-09-23 14:58:27

oraclelinux

Unbreakable Enterprise kernel-container security update

2021-06-15 00:00:00

kernel security and bug fix update

2021-08-31 00:00:00

Unbreakable Enterprise kernel security update

2021-06-15 00:00:00

centos

bpftool, kernel, perf, python security update

2021-08-31 21:19:47

mageia

Updated kernel packages fix security vulnerabilities

2021-04-18 17:50:05

Updated kernel-linus packages fix security vulnerabilities

2021-04-18 17:50:05

suse

Security update for the Linux Kernel (important)

2021-04-19 00:00:00

Security update for the Linux Kernel (important)

2021-05-22 00:00:00

Security update for the Linux Kernel (important)

2021-07-11 00:00:00

amazon

Low: kernel

2021-05-20 21:12:00

Important: kernel

2021-04-20 17:55:00

ibm

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

2021-12-03 18:47:00

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

2021-10-11 18:12:27

debian

[SECURITY] [DLA 2690-1] linux-4.19 security update

2021-06-23 00:05:06

[SECURITY] [DLA 2689-1] linux security update

2021-06-23 00:11:57

slackware

[slackware-security] Slackware 14.2 kernel

2021-07-21 05:44:30

rocky

kernel-rt security and bug fix update

2022-05-10 06:42:36

kernel security, bug fix, and enhancement update

2022-05-10 08:11:36

almalinux

Important: kernel security, bug fix, and enhancement update

2022-05-10 08:11:36

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.0%

JSON

Related for LSN-0076-1