USN-4915-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2021-3492 CVE-2021-3493 UBUNTU-CVE-2021-3492 UBUNTU-CVE-2021-3493

Published: 15 Apr 2021, 22:22

Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Apr 2021, 22:22

Published

Vulnerability first disclosed

03 Jun 2026, 13:33

Last Modified

Vulnerability information updated

Description

linux-oem-5.6 vulnerabilities It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492)

Affected Systems

ubuntu•linux-oem-5.6
< 5.6.0-1054.58

USN-4915-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)