Bleeping Computer

Latest Container Escape news

Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. A critical ...
Dark Reading

Patch Now: Linux Container-Escape Flaw in Azure Service Fabric

Microsoft this week disclosed a serious container-escape vulnerability in its widely used Azure Service Fabric technology, which gives attackers a way to gain root privileges on the host node and take ...
Dark Reading

Don't Have a COW: Containers on Windows and Other Container-Escape Research

In what's shaping up to be a summer of container escapes, a pair of talks slated for Black Hat USA next month will explore the kinds of architectural weaknesses in operating systems and in container ...
Hosted on MSN

Some Docker containers may not be as secure as they like, experts warn

Three runC flaws could allow container escape and host access with admin privileges Bugs affect Docker/Kubernetes setups using custom mounts and older runC versions Mitigation includes user namespaces ...
Threat Post

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise

A chain of exploits could allow a malicious Azure user to infiltrate other customers’ cloud instances within Microsoft’s container-as-a-service offering. A critical security vulnerability allowing ...
Threat Post

Bug in the Linux Kernel Allows Privilege Escalation, Container Escape

A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel. To go along with the “Dirty Pipe” Linux security bug coming to light, two researchers ...