BlanK0@lemmy.ml to Security@lemmy.ml · 1 年前Leaky Vessels flaws allow hackers to escape Docker, runc containerswww.bleepingcomputer.comexternal-linkmessage-square5fedilinkarrow-up110arrow-down10cross-posted to: [email protected][email protected][email protected]
arrow-up110arrow-down1external-linkLeaky Vessels flaws allow hackers to escape Docker, runc containerswww.bleepingcomputer.comBlanK0@lemmy.ml to Security@lemmy.ml · 1 年前message-square5fedilinkcross-posted to: [email protected][email protected][email protected]
minus-squareBlanK0@lemmy.mlOPlinkfedilinkarrow-up1·1 年前Maybe if you try to run fishy apps on containers then the hacker can exploit out of the container. I guess that’s a possible scenario 🤔
minus-squareOisteink@feddit.nllinkfedilinkarrow-up2arrow-down1·1 年前Possibly - so if I keep staying clear of fishy apps I’d be fine. Does this affect lxc/d as welll?
minus-squareBlanK0@lemmy.mlOPlinkfedilinkarrow-up2·1 年前It affects mainly docker and kubernets containers. I did a little research and apparently docker isn’t based of lxc/lxd anymore, so I suppose that it doesn’t affect those. Although I’m not sure what kubernets is based off
minus-squareMaienM@sopuli.xyzlinkfedilinkarrow-up4·1 年前Kubernetes and docker both use containerd, which in turn uses runc which is what the vulnerability is in.
Maybe if you try to run fishy apps on containers then the hacker can exploit out of the container. I guess that’s a possible scenario 🤔
Possibly - so if I keep staying clear of fishy apps I’d be fine.
Does this affect lxc/d as welll?
It affects mainly docker and kubernets containers. I did a little research and apparently docker isn’t based of lxc/lxd anymore, so I suppose that it doesn’t affect those. Although I’m not sure what kubernets is based off
Kubernetes and docker both use containerd, which in turn uses runc which is what the vulnerability is in.