Merge pull request #154 from bytedance/add-bpf-built-in-rule

docs: Add a reference for `disallow-load-all-bpf-prog`
bytedance · Dec 27, 2024 · 51a4f3e · 51a4f3e
2 parents 2f0932f + ab0361d
commit 51a4f3e
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 0 deletions.
diff --git a/website/docs/guides/policies_and_rules/built_in_rules/hardening.md b/website/docs/guides/policies_and_rules/built_in_rules/hardening.md
@@ -408,6 +408,7 @@ Refer to the following links for further information.
 * [Taking the Elevator down to ring 0](https://blog.lumen.com/taking-the-elevator-down-to-ring-0)
 * [CVE-2022-23222](https://www.openwall.com/lists/oss-security/2022/01/18/2)
 * [CVE-2021-31440](https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier)
+* [CVE-2021-3490](https://www.crowdstrike.com/en-us/blog/exploiting-cve-2021-3490-for-container-escapes/)
 * [CVE-2020-8835](https://www.zerodayinitiative.com/blog/2020/4/8/cve-2020-8835-linux-kernel-privilege-escalation-via-improper-ebpf-program-verification).
 :::
 

diff --git a/...ugin-content-docs/current/guides/policies_and_rules/built_in_rules/hardening.md b/...ugin-content-docs/current/guides/policies_and_rules/built_in_rules/hardening.md
@@ -403,6 +403,7 @@ User Namespace 可以被用于增强容器隔离性。但它的出现同时也
 * [Taking the Elevator down to ring 0](https://blog.lumen.com/taking-the-elevator-down-to-ring-0)
 * [CVE-2022-23222](https://www.openwall.com/lists/oss-security/2022/01/18/2)
 * [CVE-2021-31440](https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier)
+* [CVE-2021-3490](https://www.crowdstrike.com/en-us/blog/exploiting-cve-2021-3490-for-container-escapes/)
 * [CVE-2020-8835](https://www.zerodayinitiative.com/blog/2020/4/8/cve-2020-8835-linux-kernel-privilege-escalation-via-improper-ebpf-program-verification)
 :::
 

diff --git a/...content-docs/version-v0.6/guides/policies_and_rules/built_in_rules/hardening.md b/...content-docs/version-v0.6/guides/policies_and_rules/built_in_rules/hardening.md
@@ -403,6 +403,7 @@ User Namespace 可以被用于增强容器隔离性。但它的出现同时也
 * [Taking the Elevator down to ring 0](https://blog.lumen.com/taking-the-elevator-down-to-ring-0)
 * [CVE-2022-23222](https://www.openwall.com/lists/oss-security/2022/01/18/2)
 * [CVE-2021-31440](https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier)
+* [CVE-2021-3490](https://www.crowdstrike.com/en-us/blog/exploiting-cve-2021-3490-for-container-escapes/)
 * [CVE-2020-8835](https://www.zerodayinitiative.com/blog/2020/4/8/cve-2020-8835-linux-kernel-privilege-escalation-via-improper-ebpf-program-verification)
 :::
 

diff --git a/...rsioned_docs/version-v0.6/guides/policies_and_rules/built_in_rules/hardening.md b/...rsioned_docs/version-v0.6/guides/policies_and_rules/built_in_rules/hardening.md
@@ -408,6 +408,7 @@ Refer to the following links for further information.
 * [Taking the Elevator down to ring 0](https://blog.lumen.com/taking-the-elevator-down-to-ring-0)
 * [CVE-2022-23222](https://www.openwall.com/lists/oss-security/2022/01/18/2)
 * [CVE-2021-31440](https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier)
+* [CVE-2021-3490](https://www.crowdstrike.com/en-us/blog/exploiting-cve-2021-3490-for-container-escapes/)
 * [CVE-2020-8835](https://www.zerodayinitiative.com/blog/2020/4/8/cve-2020-8835-linux-kernel-privilege-escalation-via-improper-ebpf-program-verification).
 :::