{"id":"CVE-2021-3732","details":"A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.","modified":"2026-03-15T14:44:12.708121Z","published":"2022-03-10T17:42:59.287Z","related":["ALSA-2021:4356","SUSE-SU-2021:3177-1","SUSE-SU-2021:3178-1","SUSE-SU-2021:3179-1","SUSE-SU-2021:3192-1","SUSE-SU-2021:3205-1","SUSE-SU-2021:3205-2","SUSE-SU-2021:3206-1","SUSE-SU-2021:3207-1","SUSE-SU-2021:3217-1","SUSE-SU-2021:3415-1","SUSE-SU-2021:3876-1","SUSE-SU-2021:3929-1","SUSE-SU-2021:3935-1","SUSE-SU-2021:3969-1","SUSE-SU-2021:3972-1","openSUSE-SU-2021:1271-1","openSUSE-SU-2021:3179-1","openSUSE-SU-2021:3205-1","openSUSE-SU-2021:3876-1"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/CVE-2021-3732"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1995249"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=427215d85e8d1476da1a86b8d67aceb485eb3631"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/427215d85e8d1476da1a86b8d67aceb485eb3631"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3732.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc5"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}