CVE-2021-3490

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-3490, leveraging eBPF map operations to achieve arbitrary kernel memory read/write and ultimately overwrite credentials for root access. The exploit is tested on specific Ubuntu kernel versions and includes detailed technical implementation.

This repository contains a functional exploit for CVE-2021-3490, leveraging eBPF ALU32 bounds tracking flaws to achieve arbitrary read/write in the Linux kernel, leading to privilege escalation. The exploit uses crafted BPF instructions to trigger out-of-bounds memory access and manipulate kernel structures.

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-3490, leveraging eBPF map operations to achieve arbitrary kernel memory read/write. The exploit targets Ubuntu 20.04 with kernel 5.8.0-50-generic and includes detailed setup instructions.

This repository provides a technical analysis and educational demonstration of CVE-2021-3490, focusing on eBPF verifier bounds tracking. It includes a C implementation that interacts with the Linux kernel's eBPF subsystem, demonstrating BPF map creation, syscall usage, and namespace setup, but does not include an automated exploit payload.

This Metasploit module exploits CVE-2021-3490, a vulnerability in the Linux kernel's eBPF verifier that allows local privilege escalation (LPE) due to improper bounds tracking in ALU32 operations. It achieves arbitrary code execution as root by leveraging out-of-bounds read/write in the kernel.