4 matches found
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the bpflinkshowfdinfo function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected...
The vulnerability of the bpf_map_put() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the bpfmapput function in the kernel/bpf/syscall.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
Linux 内核通过 BPF 系统调用提权漏洞
漏洞概要 4 月 27 日有安全研究人员在 bugs.chromium.org 站点提交了本地提权高 危漏洞。 Linux 内核版本大于等于 4.4 时,当内核编译了 CONFIGBPFSYSCALL 并 且 sysctl 中的 kernel.unprivilegedbpfdisabled 没有明确设置为 1 时,无特 权的代码可以使用 bpf 系统调用加载 eBPF socket 过滤程序,从而达到系统提 权的⺫的,而前面的两个条件在最新的 Linux 发行版 Ubuntu 16.04 桌面版和 服务器版本均满足,经过测试 Kali Rolling 发行版 内核 4.4.0...
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() bpf(BPF_PROG_LOAD) Privilege Escalation
Linux Kernel 4.4.x Ubuntu 16.04 - double-fdput bpfBPFPROGLOAD Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 In Linux =4.4, when the CONFIGBPFSYSCALL config option is set and the kernel.unprivilegedbpfdisabled sysctl is not explicitly set to 1 at runtim...