Kubernetes, Docker, ContainerD Impacted by RunC Container Runtime Bug


The Linux community is dealing with another security flaw, with the latest bug impacting the runC container runtime that underpins Docker, cri-o, containerd, and Kubernetes.

The bug, dubbed CVE-2019-5736, allows an infected container to overwrite the host runC binary and gain root-level code execution on the host. This would basically allow the infected container to gain control of the overarching host container and allow an attacker to execute any command.

“It is quite likely that most container runtimes are vulnerable to this flaw, unless they took very strange mitigations beforehand,” explained Aleksa Sarai, a senior software engineer at SUSE and a maintainer for runC, in an email posted on Openwall. Sarai added that the flaw is blocked by the correct implementation of user namespaces “where the host root is not mapped into the container’s user namespace.”
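The user-namespace condition described above can be checked from the host by reading a container process's `/proc/<pid>/uid_map`. The following is an added example, not code from runC or from the original article; the function names and the sample map contents are constructed for illustration, and it assumes the script is run on the host in the initial user namespace.

```python
"""Check whether host root (uid 0) is mapped into a process's user namespace.

Added example. Each uid_map line is: <id inside ns> <id outside ns> <length>.
Read from the host's initial user namespace, the second field is a host uid.
"""
import sys
from pathlib import Path


def parse_id_map(text):
    """Parse uid_map/gid_map text into (inside_start, outside_start, length) tuples."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"unexpected id map line: {line!r}")
        entries.append(tuple(int(f) for f in fields))
    return entries


def host_id_inside(entries, host_id=0):
    """Return the in-namespace id that host_id maps to, or None if it is unmapped."""
    for inside, outside, length in entries:
        if outside <= host_id < outside + length:
            return inside + (host_id - outside)
    return None


def check_pid(pid):
    """Read /proc/<pid>/uid_map for a container process (Linux host only)."""
    text = Path(f"/proc/{pid}/uid_map").read_text()
    return host_id_inside(parse_id_map(text))


# Constructed sample maps (not captured from a real system).
NO_USERNS = "         0          0 4294967295\n"   # container shares host ids
REMAPPED = "         0     100000      65536\n"    # container root is host uid 100000

if __name__ == "__main__":
    for pid in sys.argv[1:]:
        mapped = check_pid(pid)
        if mapped is None:
            print(f"pid {pid}: host root is not mapped into this user namespace")
        else:
            print(f"pid {pid}: host root is mapped (appears as uid {mapped} inside)")
```

A result of `None` means host uid 0 has no mapping inside the namespace, which is the configuration Sarai describes as blocking the flaw.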

A patch for the flaw has been developed and is being sent out to the runC community. A number of vendors and cloud providers have already taken steps to implement the patch.

Read more at SDx Central
