{"vulnerability": "CVE-2021-3490", "sightings": [{"uuid": "ea4ca2b8-4f4c-4d47-8f7f-44337fe11d20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "1540645f-b743-4330-bdf2-e58a03ac62f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/98", "content": "Kernel Pwning with eBPF: a Love Story by Valentina Palmiotti\n\nThe detailed overview of eBPF from the exploit developer's perspective and the analysis of the CVE-2021-3490 exploit for Ubuntu 20.10.\n\nhttps://www.graplsecurity.com/post/kernel-pwning-with-ebpf-a-love-story", "creation_timestamp": "2021-07-30T07:13:19.000000Z"}, {"uuid": "ee14d586-f2da-41dd-94ff-658fd9424a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2021_3490_ebpf_alu32_bounds_check_lpe.rb", "content": "", "creation_timestamp": "2021-08-31T23:56:20.000000Z"}, {"uuid": "7c811009-4a3b-46ce-ac4d-5a92b9e92caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10759", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Exploiting CVE-2021-3490 for Container Escapes.\n\nhttps://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes/", "creation_timestamp": "2023-03-06T07:07:04.000000Z"}, {"uuid": "4354d1dc-c2a7-47ce-a578-97c70b08b509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:38.000000Z"}, {"uuid": "f89dbdef-96f3-4ce9-86c3-53b26b4d4dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3lkslchiv4m26", "content": "", "creation_timestamp": "2025-03-20T11:19:49.124241Z"}, {"uuid": "d4d5dcd4-c127-41c2-bf77-5a4e1a3c51f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3lkslcpbof32u", "content": "", "creation_timestamp": "2025-03-20T11:19:57.092557Z"}, {"uuid": "334231d6-d217-4e09-960d-ed54910fa3db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "Telegram/lug_jGlXUuMwjGujR8MuyVt-06f_j4UbKfrCmujX95GJiT8", "content": "", "creation_timestamp": "2023-03-06T12:13:38.000000Z"}, {"uuid": "3e4133c4-d6c0-43db-99e7-e8b6b5031ab9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "https://t.me/ctinow/37820", "content": "CVE-2021-3490 \u2013 Pwning Linux kernel eBPF on Ubuntu machines\n\nhttps://ift.tt/37blrHy", "creation_timestamp": "2021-07-30T19:51:20.000000Z"}, {"uuid": "f4b934d1-3858-43bf-b5c6-d63bcbe20150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34900", "type": "seen", "source": "https://t.me/cibsecurity/35457", "content": "\u203c CVE-2021-34900 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14867.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T00:18:58.000000Z"}, {"uuid": "4c180ccc-739f-483b-9ce4-d4e102813642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}, {"uuid": "44de6763-2457-4563-b6dc-e58048139d8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}, {"uuid": "e9144a7a-9334-4dc4-8af5-2a31dd1cbd8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2330", "content": "Exploiting CVE-2021-3490 for Container Escapes\nhttps://ift.tt/r2cXUpe\n\nSubmitted January 19, 2023 at 05:01PM by Gallus\nvia reddit https://ift.tt/v3dSMqc", "creation_timestamp": "2023-01-20T12:12:27.000000Z"}, {"uuid": "d74893ca-e01b-4dda-90bc-48affc1866d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2321", "content": "#Offensive_security\n1. Exploiting Distroless Images\nhttps://www.form3.tech/engineering/content/exploiting-distroless-images\n2. Exploiting CVE-2021-3490 for Container Escapes\nhttps://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes", "creation_timestamp": "2023-01-19T15:21:31.000000Z"}, {"uuid": "61700719-9432-4746-ad5c-2921e2bcb506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34908", "type": "seen", "source": "https://t.me/cibsecurity/35470", "content": "\u203c CVE-2021-34908 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14881.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T00:24:10.000000Z"}, {"uuid": "a107641e-2f04-4913-8ab7-3af374107e23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34901", "type": "seen", "source": "https://t.me/cibsecurity/35479", "content": "\u203c CVE-2021-34901 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14874.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T00:24:24.000000Z"}, {"uuid": "788c3f61-6def-48a2-b7c7-7312c1e8acec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7576", "content": "#Offensive_security\n1. Exploiting Distroless Images\nhttps://www.form3.tech/engineering/content/exploiting-distroless-images\n2. Exploiting CVE-2021-3490 for Container Escapes\nhttps://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes", "creation_timestamp": "2023-01-19T13:25:45.000000Z"}, {"uuid": "b5d3d0d0-4fed-49d1-9aac-12fc4e85178e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34902", "type": "seen", "source": "https://t.me/cibsecurity/35464", "content": "\u203c CVE-2021-34902 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14875.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T00:24:00.000000Z"}, {"uuid": "f5e86336-c055-4e0b-b661-c3fc06a0035a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34904", "type": "seen", "source": "https://t.me/cibsecurity/35454", "content": "\u203c CVE-2021-34904 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14877.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T00:18:54.000000Z"}, {"uuid": "922d6c7b-7ea7-4793-9a96-6e3061bcf99a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34907", "type": "seen", "source": "https://t.me/cibsecurity/35449", "content": "\u203c CVE-2021-34907 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14880.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T00:18:45.000000Z"}, {"uuid": "06fdb771-e952-4b0c-b76f-e99fbddfda89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3490", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 -Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}]}