Security

5005 readers

2 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

[email protected]

Leaky Vessels flaws allow hackers to escape Docker, runc containers (www.bleepingcomputer.com)

submitted 9 months ago by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 9 months ago (1 children)

What are the hackers doing in my container in the first place? And how did they drop to shell?

[–] [email protected] 1 points 9 months ago (1 children)

Maybe if you try to run fishy apps on containers then the hacker can exploit out of the container. I guess that's a possible scenario 🤔

[–] [email protected] 1 points 9 months ago (1 children)

Possibly - so if I keep staying clear of fishy apps I’d be fine.

Does this affect lxc/d as welll?

[–] [email protected] 2 points 9 months ago (1 children)

It affects mainly docker and kubernets containers. I did a little research and apparently docker isn't based of lxc/lxd anymore, so I suppose that it doesn't affect those. Although I'm not sure what kubernets is based off

[–] [email protected] 4 points 9 months ago

Kubernetes and docker both use containerd, which in turn uses runc which is what the vulnerability is in.