14 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of boun...
Exploit for Improper Input Validation in Linux Linux_Kernel
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and...
Linux eBPF ALU32 32-bit Invalid Bounds Tracking Local Privilege Escalation Exploit
Linux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10.37 are vulnerable to a bug in the eBPF verifier's verification of ALU32 operations in the scalar32minmaxand function when performing AND operations, whereby under certain conditions the bounds of a 32 bit register would not b...
Linux eBPF ALU32 32-bit Invalid Bounds Tracking Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE', 'Description' = %q Linux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10....
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2021:2198-1)
"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2198-1 advisory. - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fusedogetattr calls...
CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
Out-of-bounds
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3490 Linux kernel eBPF bitwise ops ALU32 bounds tracking
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3490
Technical details about CVE-2021-3490 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3490
A flaw was found in the Linux kernels eBPF verification code. It was discovered that eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR did not update the 32-bit bounds. By default accessing the eBPF verifier is only accessible to privileged users with CAPSYSADMIN. A local user with the...
UBUNTU-CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...