In recent years eBPF became the most rapidly growing subsystem in Linux kernel.

At the same time, not surprisingly, we hear more and more about vulnerabilities there. In this talk, Sergey  will present the history and evolution of eBPF virtual machine, discovered bugs and fixes that supposed to mitigate security issues but instead made them the best way to go for LPE. Sergey presents an approach on how to automate bugs discovery. Finally, we’ll talk about exploitation and post-exploitation the eBPF, which makes it the most stable code execution that’s ever been possible.