

Impact
When using `--userns-remap`, if the root user in the remapped namespace has access to the host filesystem, they can modify files under `/var/lib/docker/` that cause writing files with extended privileges.
Patches
Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.
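A host-side check for the condition described above, written as an added example (not code from the advisory or the Docker project): it compares an Engine version string against the two patched releases and reports whether `userns-remap` is set in a `daemon.json` document. The function names and sample inputs are constructed for illustration; treating branches newer than 20.10 as patched and older branches as unpatched is an assumption, since the advisory names only the two releases.

```python
import json
import re

# Patched releases named in the advisory, keyed by release branch (major, minor).
PATCHED = {(20, 10): 3, (19, 3): 15}


def parse_version(text):
    """Return (major, minor, patch) from strings such as '19.03.15~3-0~ubuntu'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised Docker version: {text!r}")
    return tuple(int(g) for g in m.groups())


def is_patched(version):
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch in PATCHED:
        return patch >= PATCHED[branch]
    # Assumption: branches newer than 20.10 carry the fix, older ones do not.
    return branch > max(PATCHED)


def userns_remap_enabled(daemon_json_text):
    """True if daemon.json sets a non-empty "userns-remap" value.
    A --userns-remap flag passed directly to dockerd is not visible here."""
    cfg = json.loads(daemon_json_text or "{}")
    return isinstance(cfg, dict) and bool(cfg.get("userns-remap"))


def assess(version, daemon_json_text):
    remap = userns_remap_enabled(daemon_json_text)
    patched = is_patched(version)
    if patched:
        status = "patched"
    elif remap:
        status = "affected: upgrade to a patched release"
    else:
        status = "unpatched: userns-remap not set in daemon.json"
    return {"version": version, "userns_remap": remap,
            "patched": patched, "status": status}


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real host.
    for ver, cfg in [("20.10.2", '{"userns-remap": "default"}'),
                     ("19.03.15", '{"userns-remap": "default"}'),
                     ("20.10.1", "{}")]:
        print(assess(ver, cfg))
```

On a real host the version string can be taken from `docker version --format '{{.Server.Version}}'` and the configuration from the daemon's `daemon.json`.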
Credits
Maintainers would like to thank Alex Chapman for discovering the vulnerability; @awprice, @nathanburrell, @raulgomis, @chris-walz, @erin-jensby, @BassMatt, @mark-adams, @dbaxa for working on it; and Zac Ellis for responsibly disclosing it to security@docker.com.