Tag
medium
advisory
CVE-2026-45932 bpf: Fix tcx/netkit Detach Permissions
2 rules 1 CVECVE-2026-45932 is a vulnerability affecting the bpf component, related to tcx/netkit detach permissions when the prog fd isn't given, requiring a security update from Microsoft.
cve
bpf
permissions
microsoft
2r
1c
high
advisory
Linux BPF Program or Map Load for Persistence
3 rules 1 TTPAttackers can leverage Linux's Berkeley Packet Filter (BPF) functionality to establish persistence by loading malicious programs or maps, allowing for stealthy and persistent code execution within the kernel.
Linux Kernel
persistence
linux
bpf
3r
1t
high
advisory
Linux BPF Program Tampering for Defense Evasion
2 rules 1 TTPAttackers can manipulate or tamper with Berkeley Packet Filter (BPF) programs on Linux systems to evade detection or analysis by security tools that rely on BPF for monitoring and security enforcement.
Linux Kernel
defense-evasion
bpf
linux
kernel
2r
1t