"'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally"

Researchers have discovered four vulnerabilities, collectively called "Leaky Vessels," in container engine components. Three of the vulnerabilities enable attackers to break out of containers and perform malicious actions on the host system. One of the vulnerabilities affects runC, the lightweight container runtime for Docker and other container environments. It is the most critical of the four vulnerabilities, scoring 8.6 on the CVSS scale. According to Rory McNamara, a security researcher at Snyk, the runC vulnerability allows container escape at both container build time and runtime. An attacker who gains unauthorized access to an underlying host operating system may be able to access anything else running on the same host, including key credentials that allow the launch of additional attacks. This article continues to discuss findings regarding the Leaky Vessels bugs.

Dark Reading reports "'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally"

Submitted by grigby1

Submitted by Gregory Rigby on