Leaky Vessels flaws allow hackers to escape Docker, runc containers - eviltoast
  • Oisteink@feddit.nl
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    9 months ago

    What are the hackers doing in my container in the first place? And how did they drop to shell?

    • BlanK0@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      Maybe if you try to run fishy apps on containers then the hacker can exploit out of the container. I guess that’s a possible scenario 🤔

      • Oisteink@feddit.nl
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        9 months ago

        Possibly - so if I keep staying clear of fishy apps I’d be fine.

        Does this affect lxc/d as welll?

        • BlanK0@lemmy.mlOP
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          It affects mainly docker and kubernets containers. I did a little research and apparently docker isn’t based of lxc/lxd anymore, so I suppose that it doesn’t affect those. Although I’m not sure what kubernets is based off

          • MaienM@sopuli.xyz
            link
            fedilink
            arrow-up
            4
            ·
            9 months ago

            Kubernetes and docker both use containerd, which in turn uses runc which is what the vulnerability is in.