Leaky Vessels flaws allow hackers to escape Docker, runc containers (www.bleepingcomputer.com)

submitted 9 months ago by BlanK0@lemmy.ml to c/security@lemmy.ml

5 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] Oisteink@feddit.nl 1 points 9 months ago

What are the hackers doing in my container in the first place? And how did they drop to shell?

[-] BlanK0@lemmy.ml 1 points 9 months ago

Maybe if you try to run fishy apps on containers then the hacker can exploit out of the container. I guess that's a possible scenario 🤔

[-] Oisteink@feddit.nl 1 points 9 months ago

Possibly - so if I keep staying clear of fishy apps I’d be fine.

Does this affect lxc/d as welll?

[-] BlanK0@lemmy.ml 2 points 9 months ago

It affects mainly docker and kubernets containers. I did a little research and apparently docker isn't based of lxc/lxd anymore, so I suppose that it doesn't affect those. Although I'm not sure what kubernets is based off

[-] MaienM@sopuli.xyz 4 points 9 months ago

Kubernetes and docker both use containerd, which in turn uses runc which is what the vulnerability is in.

this post was submitted on 05 Feb 2024

10 points (100.0% liked)

Security

5014 readers

1 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

gary_host_laptop@lemmy.ml