CVEs-PoC/2021/CVE-2021-3732.md

### [CVE-2021-3732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3732)
![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Affects%20kernel%20before%20v5.13.11%2C%20Fixed%20in%20v5.14-rc6%20and%20later.%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20-%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brightgreen)

### Description

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

### POC

#### Reference
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=427215d85e8d1476da1a86b8d67aceb485eb3631
- https://ubuntu.com/security/CVE-2021-3732

#### Github
No PoCs found on GitHub currently.