Check system and kernel settings for CVE-2021-33909 (Sequoia)

/static/assets/linux-logo.svg
Check the net.core.bpf_jit_enable settings (weak BPF functionality implementation which allows further access to kernel assets), kernel.unprivileged_bpf_disable (weakBPF functionality implementation which allows for unprivileged access), and kernel.unprivileged_userns_clone (enables unprivileged user namespaces).
locked
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.

Login

Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
Sequoia

2021-10-26

/static/assets/linux-logo.svg
Elevate an unprivileged user to root privileges via CVE-2021-33909 (Sequoia) exploitation.