The U.S. CISA adds the Linux kernel vulnerability, tracked as CVE-2021-3493, to its Known Exploited Vulnerabilities Catalog.
The CVE-2021-3493 is a Linux Kernel privilege escalation vulnerability. The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, leads to a privilege escalation.
Researchers from AT&T Alien Labs discovered a new piece of stealthy Linux malware, called Shikitega, that targets endpoints and IoT devices. The Shikitega infection chain leverages two Linux vulnerabilities for privilege escalation, the CVE-2021-3493 and CVE-2021-4034 (aka PwnKit).
Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to address vulnerabilities by November 10, 2022