Spawn elevated Pneuma via CVE-2021-3490 (eBPF)

/static/assets/linux-logo.svg
Spawn a beacon using the (eBPF vulnerability) identified in CVE-2021-3490.The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution.
locked
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.

Login

Test this TTP

Download Operator (1.7.0)
Test this TTP using one of our Operator chains
eBPF CVE-2021-3490

2021-11-09

/static/assets/linux-logo.svg
Elevate an unprivileged user to root privileges via CVE-2021-3490 (eBPF) exploitation.