February 11, 2019, By Kacy Zurkus
A security issue that affects several open source container management systems, including Amazon Linux and Amazon Elastic Container Service, has been disclosed by AWS.
The vulnerabilities (CVE-2019-5736) were reportedly discovered by security researchers Adam Iwaniuk, Borys Poplawski and Aleksa Sarai and would allow an attacker with minimal user interaction to “overwrite the host runc binary and thus gain root-level code execution on the host.”
Also among the affected AWS containers are the service for Kubernetes (Amazon EKS), Fargate, IoT Greengrass, Batch, Elastic Beanstalk, Cloud 9, SageMaker, RoboMaker and Deep Learning AMI. In its security issue notice published 11 February, AWS said that no customer action is required for those containers not on the list.
Full Article.
AWS Issues Alert for Multiple Container Systems
Userlevel 7
+48
Userlevel 7
Reply
Help
Shortcuts
Bold
Ctrl-B or Cmd-B
Italic
Ctrl-I or Cmd-I
Underline
Ctrl-U or Cmd-U
@Mention
@username
Upload image
Maximum file size: 2MB. Allowed image types: .jpg, .png, .gif.
Embed media
Supported platforms: YouTube, Soundcloud, Deezer, Vimeo, Dailymotion.
Sign up
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address to receive an e-mail with instructions to reset your password.