Exploitation Summary
CVE-2021-3493 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 20, 2022.
EIP tracks 23 public exploits from researchers including briskets, inspiringz, oneoy, including a Metasploit module exploits/linux/local/gameoverlay_privesc.
AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-3493, an Ubuntu-specific OverlayFS vulnerability allowing local privilege escalation. The exploit leverages improper validation of file system capabilities in user namespaces to gain root privileges.
Description
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Exploits (23)
This repository contains a functional exploit for CVE-2021-3493, an Ubuntu-specific OverlayFS vulnerability allowing local privilege escalation. The exploit leverages improper validation of file system capabilities in user namespaces to gain root privileges.
This repository contains a functional exploit for CVE-2021-3493, an Ubuntu-specific OverlayFS vulnerability allowing local privilege escalation. The exploit leverages improper validation of file system capabilities in user namespaces to gain elevated privileges.
This repository contains a functional exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu's OverlayFS implementation. The exploit leverages improper validation of file system capabilities in user namespaces to gain root privileges.
This repository contains a functional exploit for CVE-2021-3493, an Ubuntu-specific OverlayFS vulnerability allowing local privilege escalation. The exploit leverages improper validation of file system capabilities in user namespaces to gain root privileges.
This repository contains a functional exploit for CVE-2021-3493, an OverlayFS vulnerability in the Linux kernel that allows local privilege escalation to root. The exploit leverages user namespace and overlay filesystem manipulation to gain elevated privileges.
This exploit leverages CVE-2021-3493, a vulnerability in Ubuntu's OverlayFS, to achieve local privilege escalation by manipulating file capabilities in a user namespace. The code sets up an OverlayFS mount, copies a binary with elevated capabilities, and executes it to gain root access.
This repository contains a functional exploit for CVE-2021-3493, an OverlayFS local privilege escalation vulnerability in the Ubuntu Linux kernel. The exploit leverages user namespace and OverlayFS to gain root access by manipulating file capabilities.
This repository contains a functional proof-of-concept exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu's OverlayFS implementation. The exploit leverages incorrect handling of file capabilities in user namespaces to gain root privileges.
This repository contains a functional exploit for CVE-2021-3493, which is a local privilege escalation vulnerability. The exploit provides multiple post-exploitation options, including SSH backdoor key injection, sudo backdoor installation, and persistence mechanisms.
This repository contains a functional exploit for CVE-2021-3493, leveraging a vulnerability in the OverlayFS module in the Linux kernel to achieve local privilege escalation (LPE). The exploit manipulates file capabilities and user namespaces to gain root access.
The repository contains a functional proof-of-concept exploit for CVE-2021-3493, a Linux Kernel OverlayFS privilege escalation vulnerability. The exploit code is provided in C and includes detailed technical analysis of the vulnerability.
This repository contains a functional exploit for CVE-2021-3493, which leverages a vulnerability in Ubuntu's OverlayFS to gain root privileges by bypassing capability checks in user namespaces. The exploit creates an OverlayFS mount, sets arbitrary capabilities on a binary, and executes it to escalate privileges.
This repository provides a detailed writeup and step-by-step guide for exploiting CVE-2021-3493, a local privilege escalation vulnerability in the OverlayFS module of the Linux kernel. It includes instructions for compiling and running an exploit to gain root access on a vulnerable system.
This repository contains functional exploit code for CVE-2021-3493 (LPE via OverlayFS) and CVE-2022-3357 (RCE via PHP deserialization). The payload.c demonstrates privilege escalation, while demonPayload.php and popChain.php show a PHP object injection chain for remote code execution.
This repository contains a functional exploit for CVE-2021-3493, an OverlayFS vulnerability in the Linux kernel. The exploit leverages user namespace and OverlayFS to gain root privileges by manipulating file capabilities.
This exploit leverages CVE-2021-3493, a vulnerability in the Linux kernel's overlayfs module, to achieve local privilege escalation (LPE) by manipulating file capabilities in a user namespace. The exploit creates an overlayfs mount, copies the executable with elevated capabilities, and spawns a root shell.
This exploit leverages CVE-2021-3493, a vulnerability in the OverlayFS module of the Linux kernel, to achieve local privilege escalation (LPE). It manipulates file capabilities via setxattr in a user namespace to gain root access.
This repository contains a functional exploit for CVE-2021-3493, an Ubuntu-specific OverlayFS local privilege escalation vulnerability. The exploit leverages improper validation of file system capabilities in user namespaces to gain elevated privileges.
This exploit leverages CVE-2021-3493, a vulnerability in the Linux kernel's overlayfs module, to achieve local privilege escalation (LPE) by manipulating file capabilities and user namespaces. The PoC creates an overlayfs mount, copies the executable with elevated capabilities, and spawns a root shell.
This repository contains a functional exploit for CVE-2021-3493, an Ubuntu-specific OverlayFS vulnerability allowing local privilege escalation. The exploit leverages improper validation of file system capabilities in user namespaces to gain root privileges.
This Metasploit module exploits CVE-2021-3493, a privilege escalation vulnerability in Ubuntu kernels due to unsafe overlayfs operations. It leverages the lack of proper sanitization of setuid capabilities in unioned directories to gain root access.
This repository contains a functional exploit for CVE-2023-38646 (Metabase RCE) and CVE-2021-3493 (OverlayFS LPE). The Python script exploits a command injection vulnerability in Metabase via crafted API requests, while the C exploit leverages OverlayFS to escalate privileges.
This Metasploit module exploits CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu's overlayfs implementation. It leverages the failure to verify user capabilities when setting attributes on executable files, allowing an attacker to gain root privileges.
References (7)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H