CVE-2020-8835

This repository contains a functional exploit for CVE-2020-8835, leveraging BPF map operations to achieve local privilege escalation (LPE) by overwriting kernel memory structures. The exploit uses BPF socket filters to leak kernel addresses, bypass KASLR, and manipulate the modprobe_path to execute arbitrary commands with root privileges.

This repository provides a formal verification of CVE-2021-31440 (incorrectly referenced as CVE-2020-8835) using Coq, demonstrating the bug in the Linux kernel eBPF verifier's bounds calculation. It includes both buggy and corrected implementations of the vulnerable function for comparative analysis.

This repository contains a functional exploit for CVE-2020-8835, a Linux kernel vulnerability in the BPF verifier that allows out-of-bounds memory access. The exploit leverages BPF instructions to trigger the vulnerability and includes detailed mitigation steps.

This repository contains a functional exploit PoC for CVE-2020-8835, which involves a Linux kernel vulnerability related to unprivileged BPF (Berkeley Packet Filter) operations. The PoC includes a Node.js server and Docker configurations to test the exploit, as well as instructions for mitigating the vulnerability by disabling unprivileged BPF.

This repository contains a functional exploit PoC for CVE-2020-8835, which involves a vulnerability in the Linux kernel's BPF (Berkeley Packet Filter) subsystem. The provided code includes BPF-related operations and a PoC to trigger the vulnerability.