Security News > 2021 > July > Linux eBPF bug gets root privileges on Ubuntu - Exploit released

Linux eBPF bug gets root privileges on Ubuntu - Exploit released
2021-07-30 16:26

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF that can give an attacker increased privileges on Ubuntu machines.

eBPF is a technology that enables user-supplied programs to run sandboxed inside the operating system's kernel, triggered by a specific event or function.

If properly exploited, a local attacker could get kernel privileges to run arbitrary code on the machine.

Her research into this bug also covers the specifics for triggering the vulnerability to leverage it for elevated privileges and to create a denial-of-service condition on the target system by locking up all available kernel threads.

Porting eBPF to Windows is still an early project that has a lot of development ahead. Palmiotti's research into CVE-2021-3490 was limited to the Linux implementation.

The PoC is designed for Groovy Gorilla kernels 5.8.0-25.26 through 5.8.0-52.58, and Hirsute Hippo kernel version 5.11.0-16.17.


News URL

https://www.bleepingcomputer.com/news/security/linux-ebpf-bug-gets-root-privileges-on-ubuntu-exploit-released/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-04 CVE-2021-3490 Out-of-bounds Write vulnerability in multiple products
The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution.
local
low complexity
linux canonical CWE-787
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 18 397 1368 1114 696 3575
Ubuntu 14 14 40 21 19 94