Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-3732

Опубликовано: 12 авг. 2021
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

A flaw was found in the Linux kernel’s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2021:414009.11.2021
Red Hat Enterprise Linux 8kernelFixedRHSA-2021:435609.11.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1995249kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files

EPSS

Процентиль: 2%
0.00014
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-3732

CVSS3: 5.5
ubuntu
больше 3 лет назад

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

nvd логотип

CVE-2021-3732

CVSS3: 5.5
nvd
больше 3 лет назад

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

msrc логотип

CVE-2021-3732

CVSS3: 5.5
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2021-3732

CVSS3: 5.5
debian
больше 3 лет назад

A flaw was found in the Linux kernel's OverlayFS subsystem in the way ...

github логотип

GHSA-wc3f-5p43-3cxx

CVSS3: 5.5
github
больше 3 лет назад

A security issue was found in Linux kernel’s OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code which can inadvertently reveal files hidden in the original mount.

EPSS

Процентиль: 2%
0.00014
Низкий

3.3 Low

CVSS3