TechBizWeb


    Container Escape Flaw Hits AWS, Google Cloud, Linux Distros

    February 12, 2019


    A vulnerability recently addressed in runc could allow malicious containers to gain root-level code execution on the host.

    Introduced in 2015, runc is a lightweight, portable container runtime that includes all of the code used by Docker to interact with system features related to containers. The runtime sits underneath most container tooling, including cri-o, containerd, Kubernetes, Podman, and others.

    Tracked as CVE-2019-5736 and featuring a CVSSv3 score of 7.2, the vulnerability can be exploited with minimal user interaction, says Aleksa Sarai, senior software engineer at SUSE Linux and runc maintainer.

    Discovered by Adam Iwaniuk and Borys Popławski, the vulnerability could allow a malicious container to overwrite the host runc binary and execute code on the host.

    The bug can be triggered when creating a new container using an attacker-controlled image, or when attaching to a running container (using docker exec) that the attacker previously had write access to.

    “Exploiting this vulnerability means that malicious code could potentially break containment, impacting not just a single container, but the entire container host, ultimately compromising the hundreds-to-thousands of other containers running on it,” Scott McCarty, Red Hat principal product manager for containers, says.

    The use of SELinux in targeted enforcing mode prevents this vulnerability from being exploited. However, the default AppArmor policy and the default SELinux policy on Fedora (only the moby-engine package) fail to prevent the bug, Sarai says.

    Only privileged containers can exploit the flaw, because root privilege on the host is required; unprivileged containers with a non-identity ID mapping don’t have permission to write to the host binary.

    The vulnerability impacts runc releases through 1.0-rc6, as used in Docker before 18.09.2 and other products. The vulnerability occurs because of file-descriptor mishandling, related to /proc/self/exe.

    Red Hat, Debian and Ubuntu are impacted by the flaw. Amazon and Google have also published advisories confirming the vulnerability in their products. LXC is affected as well.

    A GitHub repository was created to provide a backport of patches for older versions of runc that were packaged with Docker.

    Exploit code for the vulnerability is expected to be published within a week. A Shodan search shows that there are nearly 4,000 exposed Docker daemons on the internet.
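As a defender's first-pass triage of the conditions described above (affected version ranges, the host-root ID mapping, and SELinux confinement), the following added example, which is not code from runc, Docker or the original article, checks version strings and a container's `/proc/<pid>/uid_map` contents. The function names, the `selinux_blocks` flag and the sample maps are assumptions made for illustration; because fixes were also backported to older packages, a version string alone is only a signal and the vendor advisory remains the authority.

```python
import re

FIXED_DOCKER = (18, 9, 2)   # article: Docker before 18.09.2 is affected
LAST_VULN_RC = 6            # article: runc "through 1.0-rc6" is affected

def docker_affected(version):
    """True if a Docker version such as '18.09.1' or '18.06.1-ce' predates 18.09.2."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised Docker version: {version!r}")
    return tuple(int(p) for p in m.groups()) < FIXED_DOCKER

def runc_affected(version):
    """True for runc up to and including 1.0-rc6 ('0.1.1', '1.0-rc6', '1.0.0-rc5')."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?", version.strip())
    if not m:
        raise ValueError(f"unrecognised runc version: {version!r}")
    release = (int(m[1]), int(m[2]), int(m[3] or 0))
    if release != (1, 0, 0):
        return release < (1, 0, 0)
    # 1.0.0 line: only release candidates up to rc6 are in the affected range.
    return m[4] is not None and int(m[4]) <= LAST_VULN_RC

def root_maps_to_host_root(uid_map):
    """Parse /proc/<pid>/uid_map text ('inside outside length' per line).

    True means container UID 0 is host UID 0 (identity mapping), the case the
    article says has permission to write to the host binary.
    """
    for line in uid_map.splitlines():
        fields = line.split()
        if len(fields) == 3 and int(fields[0]) == 0 and int(fields[2]) > 0:
            return int(fields[1]) == 0
    return False  # UID 0 is not mapped in this namespace

def likely_exposed(runc_version, uid_map, selinux_blocks=False):
    """selinux_blocks is a hypothetical flag: set it only after confirming the
    host's SELinux policy really confines containers (some defaults do not)."""
    return (runc_affected(runc_version)
            and root_maps_to_host_root(uid_map)
            and not selinux_blocks)

# Constructed sample inputs, not taken from any real host.
HOST_ROOT_MAP = "         0          0 4294967295\n"
REMAPPED_MAP = "         0     100000      65536\n"

if __name__ == "__main__":
    print(likely_exposed("1.0.0-rc6", HOST_ROOT_MAP))
    print(likely_exposed("1.0.0-rc6", REMAPPED_MAP))
```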


    Ionut Arghire is an international correspondent for SecurityWeek.
