what is ebopf linux kernal?
It is a kernel technology (starting in Linux 4.x) that allows programs to run without having to change the kernel source code or adding additional modules. It is a sort of lightweight, sandbox virtual machine (VM) inside the Linux kernel, where programmers can run BPF bytecode that takes advantage of specific kernel resources.
CVE-2021-3490 : Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to escalate privileges on Ubuntu machines.
Exploit : https://github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490
Analysis of ebpf exploit : https://www.graplsecurity.com/post/kernel-pwning-with-ebpf-a-love-story
#Vulnmachines – Place for Pentesters
Vulnmachines is online cyber security training platform with a massive number of labs, allowing individuals, students, cyber professionals, companies, universities and all kinds of organizations around the world to enhance their practical skills with Real-world enterprise scenarios.
Visit : https://www.vulnmachines.com
Contact for premium labs : [email protected]
Twitter : https://www.twitter.com/vulnmachines
Twitter : https://www.twitter.com/rapidsafeguard
Facebook : https://www.fb.com/rapidsafeguard
Telegram : https://t.me/rapidsafeguard
Blogs : https://medium.com/@rapidsafeguard
Contact : [email protected]
Website : https://www.rapidsafeguard.com
#linuxkernel #ebpfexploit #cve20213490
Linux kernel exploit 2021
local privilege escalation
Download This Video