By Ionut Arghire on September 18, 2018
A security researcher discovered several vulnerabilities in Alpine Linux, a distribution commonly used with Docker, including one that could allow for arbitrary code execution.
Based on musl and BusyBox, the Alpine Linux distribution has a small size and is heavily used in containers, including Docker, as it provides fast boot times.
APK, the default package manager in Alpine, is impacted by several bugs, security researcher Max Justicz has discovered. The most important of them, the researcher says, could allow a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code on the user’s machine.
Full Article.
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.