News

Vulnerabilities in rkt allow bypassing the container and get root permissions on the host

Security researcher Yuval Avrahami discovered rkt vulnerabilities in the container environment (container runtime) that allowed him to bypass the container and get root permissions on the host.

The problems are assigned the identifiers CVE-2019-10144, CVE-2019-10145 and CVE-2019-10147.

An attacker can exploit vulnerabilities in order to compromise a host when a user enters the ‘rkt enter’ command (equivalent to the ‘docker exec’ command) via a module under its control.

“I don’t know how many users still run rkt in production, but if you do, avoid using the ‘rkt enter’ command, as it contains several unpatched vulnerabilities”, — recommended Yuval Avrahami.

The ‘rkt enter’ command allows you to execute binary code in a running container. The binary code is run with superuser privileges, but the seccomp and cgroup security mechanisms do not apply, which gives the attacker the opportunity to bypass the container.

To exploit vulnerabilities, an attacker must have access to containers with superuser privileges. Therefore, when a user runs the ‘rkt enter’ command, an attacker can rewrite the binary code and libraries (/bin/bash ? libc.so.6) inside the container in order to launch the malicious code.

The researcher privately informed the manufacturer about the problems. However, he was told that no time limit was fixed for fixing the vulnerability.

“I suggest considering alternative container runtimes which are more steadily maintained, such as Docker, podman or LXD”, — adviced Yuval Avrahami.

Apparently the researcher makes the final verdict on the rkt environment.

rkt is an open source container runtime and a CNCF incubating project created by CoreOS. It is a widely loved project, mostly because it was one of the few viable open source alternatives to Dockerback in the early container days. rkt’s basic unit of execution is a pod, which contains multiple containers running in a shared context.

Source: https://www.twistlock.com

Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove Adblockelite.xyz Pop-up Ads

About Adblockelite.xyz Adblockelite.xyz pop-ups can not open out of nowhere. If you have clicked some…

9 hours ago

Remove Appcloud-center.com Pop-up Ads

About Appcloud-center.com Appcloud-center.com pop-ups can not open out of nowhere. If you have actually clicked…

9 hours ago

Remove Groopheetex.com Pop-up Ads

About Groopheetex.com Groopheetex.com pop-ups can not expose out of nowhere. If you have clicked on…

9 hours ago

Remove Vidstreambox.com Pop-up Ads

About Vidstreambox.com Vidstreambox.com pop-ups can not expose out of the blue. If you have actually…

9 hours ago

Remove Mac-uptodate.com Pop-up Ads

About Mac-uptodate.com Mac-uptodate.com pop-ups can not introduce out of the blue. If you have actually…

9 hours ago

Remove Taffetlervers.com Pop-up Ads

About Taffetlervers.com Taffetlervers.com pop-ups can not expose out of the blue. If you have clicked…

9 hours ago