An independent security researcher reported that the overlayfs stacking file system within the Linux kernel as used within Ubuntu did not properly validate the application of file capabilities against user namespaces. This issue is not relevant to Red Hat Enterprise Linux kernels, as Ubuntu carries a patch to enable unprivileged overlayfs mounts. The combination of that patch and allowing unprivileged user namespaces by default in Ubuntu allows an unprivileged attacker to gain elevated privileges. References: https://www.openwall.com/lists/oss-security/2021/04/16/1