How to Mitigate the SACK Panic DDoS Attack

Glen Kosaka Container Security

By Gary Duan. On June 17, 2019, security researchers at Netflix released a series of vulnerabilities they discovered in the Linux and FreeBSD kernels. By sending crafted SACK packets to a vulnerable server, attackers are able to slow down the server’s TCP stack, incur excessive resource usage, and in the worst-case scenario, cause a kernel panic. The main vulnerability, …

Alpine Linux Docker Image Vulnerability CVE-2019-5021

Glen Kosaka Docker Security

Attackers can log in as root with no password on affected systems. On May 8, 2019, a potentially serious vulnerability was announced affecting the Docker Alpine Linux container image. The vulnerability allows an attacker to authenticate as the root user with no password if using Linux PAM or other authentication means. Potentially thousands of affected images have been downloaded …

Major Docker Security Hole Discovered

Fei Huang Docker Security

By Fei Huang. A new Docker vulnerability affecting container security, CVE-2019-5736, was just announced, with some calling it a ‘Doomsday Docker Security Hole.’ This is just 2 months after the critical Kubernetes vulnerability was reported allowing attackers to take control of the API server. From one of the runc maintainers, Aleksa Sarai: Aleksa stated that “this docker vulnerability allows a …

Critical Kubernetes & OpenShift Vulnerability Exposes API Server

Glen Kosaka Container Security

The First Major Vulnerability Discovered in Kubernetes, And It’s A Big One. The big news today, on the eve of the start of DockerCon EMEA, has not been conference-related announcements but rather the disclosure of a critical security hole in Kubernetes and, by inheritance, Red Hat OpenShift. This vulnerability, CVE-2018-1002105, is so critical, with a severity rating of 9.8 …