top | item 28472614

(no title)

Wow. Almost unbelievable. Any security engineer or literally any (authenticated or agent-based) enterprise scanner should have caught this. Wonder how this one slipped through - the 2019 runc bug was a HUGE deal if you work in container security and its presence should have set off Critical alerts automatically.

Knowing nothing else, my guess is this was certainly exploited, as you can grab off-the-shelf exploits for the runc exploit.

discuss

No comments yet.