Tags
K8s
ATT&CK Tactic
Privilege Escalation (TA0004)
References
https://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes/
Last edited
Jan 18, 2024 1:25 PM
Status
Stub
About
CrowdStrike researchers offered a way to weaponize an older kernel privilege escalation CVE-2021-3490 to container environments.
The escape requires CAP_BPF privilege in the initial namespace and thus is only pertinent to containers with this specific privilege.