Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
- https://github.com/opencontainers/runc/issues/2197
- https://github.com/opencontainers/runc/pull/2190
- https://github.com/43622283/awesome-cloud-native-security
- https://github.com/8-cm/kube-dump
- https://github.com/Metarget/awesome-cloud-native-security
- https://github.com/atesemre/awesome-cloud-native-security
- https://github.com/cyphar/libpathrs
- https://github.com/openSUSE/libpathrs
- https://github.com/shakyaraj9569/Documentation
- https://github.com/sivahpe/trivy-test