RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts


Userlevel 7
Badge +48
February 11, 2019, By Sergiu Gatlan


A container breakout security flaw found in the runc container runtime allows malicious containers (with minimal user interaction) to overwrite the host runc binary and gain root-level code execution on the host machine.

runc is an open source command line utility designed to spawn and run containers and, at the moment, it is used as the default runtime for containers with Docker, containerd, Podman, and CRI-O.
According to Aleksa Sarai, Senior Software Engineer (Containers) SUSE Linux GmbH, one of the runc maintainers:

Full Article.

0 replies

Be the first to reply!

Reply

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept or continue browsing you agree to our cookie policy. Learn more about our cookies.

    Accept cookies Cookie settings