Escape Docker Container Using waitid() | CVE-2017-5123 | Twistlock

In 2017 alone, 434 Linux kernel exploits were found, and as you have seen in this post, kernel exploits can be devastating for containerized environments. This is because containers share the same kernel as the host, so trusting the built-in protection mechanisms alone isn't sufficient. Make sure your kernel is always updated on all of your production hosts.

The vulnerability allows an attacker to write partially controlled data to a kernel memory address of his choice.

Our main goal with this exploit is to overwrite the capabilities that Docker sets for us, thus gaining additional privileges and escaping the container.
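A defender-side check tied to that goal, added here as an example (not code from the original post): it decodes the `Cap*` masks from `/proc/<pid>/status` and flags capabilities beyond Docker's default set, plus effective capabilities that are not in the permitted set. The `0xa80425fb` baseline assumes a container started without `--cap-add`, `--cap-drop` or `--privileged`; the sample status text and all function names are constructed for this example.

```python
import re

# Capability names indexed by bit number, in the order of linux/capability.h.
CAPS = ("CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID "
        "SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW "
        "IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT "
        "SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD "
        "LEASE AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG "
        "WAKE_ALARM BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE").split()

# Assumption: the container runs with Docker's default capability set,
# which shows up in /proc/<pid>/status as 00000000a80425fb.
DOCKER_DEFAULT = 0x00000000A80425FB

# Constructed sample inputs in the layout of /proc/<pid>/status.
STATUS = ("Name:\tsh\nCapInh:\t{0:016x}\nCapPrm:\t{1:016x}\n"
          "CapEff:\t{2:016x}\nCapBnd:\t{1:016x}\n")
SAMPLE_DEFAULT = STATUS.format(0, DOCKER_DEFAULT, DOCKER_DEFAULT)
SAMPLE_DRIFT = STATUS.format(0, DOCKER_DEFAULT, 0x3FFFFFFFFF)

def parse_caps(status_text):
    """Return {'CapPrm': int, 'CapEff': int, ...} from /proc/<pid>/status text."""
    pattern = r"^(Cap\w+):\s*([0-9a-fA-F]+)$"
    return {m.group(1): int(m.group(2), 16)
            for m in re.finditer(pattern, status_text, re.M)}

def decode(mask):
    """Translate a capability bitmask into a list of CAP_* names."""
    return [f"CAP_{CAPS[b]}" if b < len(CAPS) else f"bit_{b}"
            for b in range(mask.bit_length()) if mask >> b & 1]

def audit(status_text, baseline=DOCKER_DEFAULT):
    """Report caps beyond the baseline and effective caps that are not permitted."""
    caps = parse_caps(status_text)
    extra = {f: decode(caps[f] & ~baseline)
             for f in ("CapPrm", "CapEff", "CapBnd") if caps.get(f, 0) & ~baseline}
    # The kernel keeps the effective set inside the permitted set, so any bit
    # reported here means the credentials are in a state the normal API
    # (capset, execve) does not produce.
    inconsistent = decode(caps.get("CapEff", 0) & ~caps.get("CapPrm", 0))
    return {"extra": extra, "eff_not_permitted": inconsistent}

if __name__ == "__main__":
    # On a Linux host or inside a container, audit the current process.
    with open("/proc/self/status") as fh:
        print(audit(fh.read()))
```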


