Doomsday Docker Security Hole Uncovered
Joined: Oct 24 2009
Last Active: Never/Not tracked
Total Active: Never/Not tracked
Timezone: GMT+ -7
Last Page Viewed:
February 11 '19 at 01:51 PM
By BeauHD from
Slashdot's lost-and-found department
An anonymous reader quotes a report from ZDNet: One of the great security fears about containers is that an attacker could infect a container with a malicious program, which could escape and attack the host system. Well, we now have a security hole that could be used by such an attack: RunC container breakout, CVE-2019-5736. RunC is the underlying container runtime for Docker, Kubernetes, and other container-dependent programs. It's an open-source command-line tool for spawning and running containers. Docker originally created it. Today, it's an Open Container Initiative (OCI) specification. It's widely used. Chance are, if you're using containers, you're running them on runC.
article continued at Slashdot's lost-and-found department
Forgot name or password?
Click here to get them
Not a member?
Click here to join
: Large flux of old-but-been-broken news stories coming through.
: Need that for all dialogue in all things ever. Gone with the Wind: Gilbert Gottfried version
: Dream do come true. Gilbert Gottfried https://www.youtube.com/watch?v=3H3xQzQauyY