CVE-2021-3490

Published: 04/06/2021 Updated: 14/09/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 643
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

This vulnerability allows local malicious users to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.

Vulnerable Product

linux linux kernel

linux linux kernel 5.13

canonical ubuntu linux 20.04

canonical ubuntu linux 20.10

canonical ubuntu linux 21.04

Vendor Advisories

A use-after-free flaw was found in the Linux kernel's NFC LLCP protocol implementation in the way the user performs manipulation with an unknown input for the llcp_sock_bind() function. This flaw allows a local user to crash or escalate their privileges on the system (CVE-2020-25670). A use-after-free flaw was found in the Linux kernel's NFC LLCP p ...
A flaw was found in the Linux kernel's implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586). A flaw was found in the Linux kernel ...
A security issue was found in the Linux kernel. It was discovered that eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) did not update the 32-bit bounds, leading to out-of-bounds reads and writes in the kernel ...

Exploits

Linux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10.37 are vulnerable to a bug in the eBPF verifier's verification of ALU32 operations in the scalar32_min_max_and function when performing AND operations, whereby under certain conditions the bounds of a 32 bit register would not be properly updated. This can be abused by attacker ...

Github Repositories

eBPF & Cilium Office Hours

eCHO - eBPF & Cilium Office Hours. With a little bit of imagination, eCHO stands for "eBPF & Cilium Office Hours". Inspired by TGIK, this is a livestream hosted by Liz Rice and Duffie Cooley where we'll discuss all things related to the Cilium project and the broader world of eBPF. We'd love your questions during the show! Previous episodes are

Linux_LPE_eBPF_CVE-2021-3490: LPE exploit for CVE-2021-3490. Tested on Ubuntu 20.04.02 and 20.10 (Groovy Gorilla) kernels 5.8.0-25.26 through 5.8.0-52.58 and Ubuntu 21.04 (Hirsute Hippo) 5.11.0-16.17. The vulnerability was discovered by Manfred Paul @_manfp and fixed in this commit. author: @chompie1337. For educational/research purposes only. Use at your own risk. Usage: To bui

D^3CTF 2022 d3bpf, d3bpf-v2 attachment, exp and official writeup

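Write Up: View it on my blog! d3bpf: This challenge is an introductory Linux kernel ebpf exploitation challenge. It mainly references this article. The exp also uses part of the author's code. In fact, following this article is enough to complete the exploitation of this challenge. Many thanks to the author of this article! This challenge is an introductory question of Linux kernel ebpf exploit. The main reference is this art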

A collection of Modified EXPs about eBPF.

EXP List CVE-2022-23222 CVE-2021-3490

xcoderootsploit: X-code Root Sploit v01 Beta 1. Built by Kurniawan - kurniawanajazenfone@gmailcom - xcodecoid - 20 March 2024. An application to help with automatic privilege escalation on Linux targets. With this exploit, the attacker only needs to run the program and can then automatically obtain root access, as long as the target has a vulnerability that allows privil

An application for automatic privilege escalation on Linux targets

xcoderootsploit: An application for automatic privilege escalation on Linux targets. Source: Privilege Escalation on Ubuntu 20.04.2 (also works for Ubuntu 20.10 and 21.04 targets) - CVE-2021-3490 github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490. Privilege Escalation on Linux Ubuntu 20.04.1 (CVE-2019-13272) github.com/blasty/CVE-2021-3156. Privilege Escalation

Recent Articles

Credit-card-stealing, backdoored packages found in Python's PyPI library hub
The Register • Chris Williams, Editor in Chief • 02 Aug 2021

Plus: SolarWinds cyber-spies hit US prosecutors' email systems, and more

In brief Malicious libraries capable of lifting credit card numbers and opening backdoors on infected machines have been found in PyPI, the official third-party software repository for Python. That's according to the JFrog security research team, which documented its findings here at the end of last month. A package dubbed noblesse, and five variants, would, we're told, look on Windows systems for Discord authentication tokens, and browser-stored credit card numbers, and siphon them off to remot...