Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-05-03 08:37:30 |
CVE-2022-23648: Kubernetes Container Escape Using Containerd CRI Plugin and Mitigation (direct link) |
CVE-2022-23648, reported by Google’s Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerd’s CRI plugin that handles OCI image specs containing “Volumes.” The attacker can add a Volume containing path traversal to the image and use it to copy arbitrary files from the host […] |
Vulnerability
|
Uber
|
|
|
2022-03-15 12:19:11 |
(Already seen) cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (direct link) |
CrowdStrike cloud security researchers discovered a new vulnerability (dubbed “cr8escape” and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] |
Threat
Vulnerability
|
Uber
|
|
|
2022-03-15 12:19:11 |
cr8escape: Zero-day in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (direct link) |
CrowdStrike cloud security researchers discovered a zero-day vulnerability (dubbed “cr8escape” and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] |
Threat
Vulnerability
|
Uber
|
|
|
2022-01-31 23:11:00 |
CVE-2022-0185: Kubernetes Container Escape Using Linux Kernel Exploit (direct link) |
On Jan. 18, 2022, researchers found a heap-based buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of the filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions. CVE-2022-0185 Needs CAP_SYS_ADMIN This flaw is […] |
|
Uber
|
|