Linux eBPF bug gets root privileges on Ubuntu – Exploit released

From bleepingcomputer.com

Linux eBPF bug gets root privileges on Ubuntu - Exploit released

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF (Extended Berkeley Packet Filter) that can give an attacker increased privileges on Ubuntu machines.

The bug is tracked as CVE-2021-3490. It was disclosed in May and is a privilege escalation, so leveraging it requires local access on the target machine.

eBPF is a technology that enables user-supplied programs to run sandboxed inside the operating system’s kernel, triggered by a specific event or function (e.g. system call, network events).

Read more…