CVE-2021-4204

HIGH

Linux Kernel < 5.8.0 - Out-of-Bounds Memory Access in eBPF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-4204.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-4204, a Linux kernel eBPF local privilege escalation vulnerability. The exploit corrupts ringbuf structures to achieve arbitrary read/write in kernel memory, ultimately overwriting task credentials to spawn a root shell.

Description

An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.

Exploits (1)

inthewild WORKING POC
poc
https://github.com/tr3ee/cve-2021-4204

This repository contains a functional exploit for CVE-2021-4204, a Linux kernel eBPF local privilege escalation vulnerability. The exploit corrupts ringbuf structures to achieve arbitrary read/write in kernel memory, ultimately overwriting task credentials to spawn a root shell.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Linux kernel (specific versions affected by CVE-2021-4204)
No auth needed
Prerequisites: Linux system with vulnerable kernel · eBPF support enabled · unprivileged user access
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 7.1
EPSS 0.0077
EPSS Percentile 74.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE
CWE-119 CWE-20
Status published
Products (9)
debian/debian_linux 11.0
linux/linux_kernel 5.8.0
linux/linux_kernel < 5.8.0
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
redhat/enterprise_linux 9.0
Published Aug 24, 2022
Tracked Since Feb 18, 2026