CVE-2021-34866
Published on: 01/25/2022 12:00:00 AM UTC
Last Modified on: 03/29/2022 04:35:00 PM UTC
Certain versions of Linux Kernel from Linux contain the following vulnerability:
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689.
- CVE-2021-34866 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software:
Linux - Kernel version 5.14-rc3
CVSS3 Score: 7.8 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.2 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
CVE-2021-34866 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | security.netapp.com text/html |
![]() |
ZDI-21-1148 | Zero Day Initiative | www.zerodayinitiative.com text/html |
![]() |
Related QID Numbers
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Linux | Linux Kernel | 5.14 | rc3 | All | All |
Hardware | Netapp | H300e | - | All | All | All |
Operating System | Netapp | H300e Firmware | - | All | All | All |
Hardware | Netapp | H300s | - | All | All | All |
Operating System | Netapp | H300s Firmware | - | All | All | All |
Hardware | Netapp | H410c | - | All | All | All |
Operating System | Netapp | H410c Firmware | - | All | All | All |
Hardware | Netapp | H410s | - | All | All | All |
Operating System | Netapp | H410s Firmware | - | All | All | All |
Hardware | Netapp | H500e | - | All | All | All |
Operating System | Netapp | H500e Firmware | - | All | All | All |
Hardware | Netapp | H500s | - | All | All | All |
Operating System | Netapp | H500s Firmware | - | All | All | All |
Hardware | Netapp | H700e | - | All | All | All |
Operating System | Netapp | H700e Firmware | - | All | All | All |
Hardware | Netapp | H700s | - | All | All | All |
Operating System | Netapp | H700s Firmware | - | All | All | All |
- cpe:2.3:o:linux:linux_kernel:5.14:rc3:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*:
Discovery Credit
Ryota Shiga(@Ga_ryo_) of Flatt Security
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
セキュリティエンジニアの志賀(@Ga_ryo_)が「脆弱性リサーチプロジェクト」において報告した脆弱性が2つ公開されました。 1. CVE-2021-34866 Linux Kernel eBPF Type Confusion… twitter.com/i/web/status/1… | 2021-10-29 05:54:21 |
![]() |
The vuln CVE-2021-34866 has a tweet created 0 days ago and retweeted 10 times. twitter.com/flatt_security… #pow1rtrtwwcve | 2021-10-29 14:06:00 |
![]() |
Linux Kernel eBPF Type Confusion Privilege Escalation vulmon.com/vulnerabilityd… CVE-2021-34866 #Vulmon #Linux #InfoSec #CyberSecurity | 2021-10-30 08:02:20 |
![]() |
Here's my PoC exploit for CVE-2021-34866 :) blog.hexrabbit.io/2021/11/03/CVE… | 2021-11-03 09:32:40 |
![]() |
The vuln CVE-2021-34866 has a tweet created 0 days ago and retweeted 10 times. twitter.com/h3xr4bb1t/stat… #pow1rtrtwwcve | 2021-11-03 12:06:00 |
![]() |
CVE-2021-34866 Writeup; by @h3xr4bb1t An article covering exploitation of a type confusion in the eBPF subsystem.… twitter.com/i/web/status/1… | 2021-11-06 01:51:24 |
![]() |
@h3xr4bb1t 您好,我们是Seebug漏洞平台,看到您博客的文章《CVE-2021-34866 Writeup》很不错,请问能否授权转载至Seebug Paper栏目(paper.seebug.org),我们会在文首注明作者和来源~? | 2021-11-08 08:38:21 |
![]() |
The vuln CVE-2021-34866 has a tweet created 5 days ago and retweeted 100 times. twitter.com/h3xr4bb1t/stat… #pow2rtrtwwcve | 2021-11-09 00:06:01 |
![]() |
Linux Kernel eBPF Type Confusion Privilege Escalation CVE-2021-34866 | 2021-10-30 08:02:43 |
![]() |
CVE-2021-34866 Writeup | 2021-11-06 01:52:06 |
![]() |
CVE-2021-34866 | 2022-01-25 16:38:55 |