CVE-2021-25741

This repository contains a functional Zig-based exploit demonstrating CVE-2021-25741, a TOCTOU symlink race condition in Kubernetes kubelet's volume mounting. It includes detailed technical documentation and a working PoC that shows how concurrent symlink swaps bypass path validation between `lstat()` and `open()`.

This repository contains a functional exploit for CVE-2021-25741, a vulnerability in Kubernetes. The exploit uses a crafted YAML file (pod.yaml) and a shell script (run.sh) to trigger the vulnerability, likely involving a symlink attack to achieve container escape or privilege escalation.

This repository contains a functional exploit for CVE-2021-25741, a Kubernetes vulnerability allowing node filesystem mount via a race condition in kubelet. The exploit includes a YAML pod configuration and a script to automate deployment and verification.