Vulnerability Description
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 5.17.0 |
| Fedoraproject | Fedora | 34 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2009704Issue TrackingThird Party Advisory
- https://www.openwall.com/lists/oss-security/2021/10/14/3Mailing ListThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2009704Issue TrackingThird Party Advisory
- https://www.openwall.com/lists/oss-security/2021/10/14/3Mailing ListThird Party Advisory
FAQ
What is CVE-2021-3847?
CVE-2021-3847 is a vulnerability with a CVSS score of 7.8 (HIGH). An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into anot...
How severe is CVE-2021-3847?
CVE-2021-3847 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3847?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Fedoraproject Fedora.