Summary

Top Articles:

  • Linux Kernel Bug Allows Kubernetes Container Escape
  • Rustproofing Linux (Part 2/4 Race Conditions)
  • Some Musings on Common (eBPF) Linux Tracing Bugs

Rustproofing Linux (Part 2/4 Race Conditions)

Published: 2023-02-08 15:41:37

Popularity: None

Author: Domen Puncer Kugler

Keywords:

  • Emerging Technologies
  • Reducing Vulnerabilities at Scale
  • Linux kernel
  • Rust
  • This is a four part blog post series that starts with Rustproofing Linux (Part 1/4 Leaking Addresses). This post uses a simple example to demonstrate a class of vulnerability that we encounter quite frequently when auditing kernel drivers and firmware. It’s a race condition, or more precisely a TOCTOU vulnerability. The complete vulnerable C driver … Continue reading Rustproofing Linux (Part 2/4 Race Conditions) →

    ...more

    Linux Kernel Bug Allows Kubernetes Container Escape

    Published: 2022-01-31 15:27:28

    Popularity: 5

    Author: Nathan Eddy

    Keywords:

  • Container Security
  • Features
  • Latest News
  • News
  • Topics
  • Container Linux
  • container security
  • container vulnerability
  • kubernetes
  • Linux kernel
  • Hackers could exploit a Linux kernel bug to escape Kubernetes containers and access critical resources; however, the threat is minimized as any attacker needs to have the specific Linux capability CAP_SYS_ADMIN. The high-severity Common Vulnerabilities and Exposures (CVE) 2022-0185, first reported by security publication BleepingComputer, affects all Linux kernel versions The post Linux Kernel Bug Allows Kubernetes Container Escape appeared first on Container Journal.

    ...more

    Some Musings on Common (eBPF) Linux Tracing Bugs

    Published: 2021-08-06 04:54:28

    Popularity: None

    Author: Jeff Dileo

    Keywords:

  • Research
  • eBPF
  • Linux kernel
  • Linux kernel tracing
  • system observability
  • tracee
  • Having been in the game of auditing kprobe-based tracers for the past couple of years, and in light of this upcoming DEF CON on eBPF tracer race conditions (which you should go watch) being given by a friend of mine from the NYU(-Poly) (OSIR)IS(IS) lab, I figured I would wax poetic on some of the … Continue reading Some Musings on Common (eBPF) Linux Tracing Bugs →

    ...more

    end