Container Escape Hack Targets Vulnerable Linux Kernel

Researchers at CyberArk have created a proof-of-concept attack that allows adversaries to bypass container security, escape the container and completely compromise the host system. However, the attack scenario is limited: a successful attack depends on unpatched vulnerabilities being present in the host system.

Nimrod Stoler, a cyber security researcher with CyberArk, said,

“With about 20 lines of code and a few small tweaks to an exploit, we have created a way to jump a container and attack the underlying host.”

In research made public on Monday, CyberArk described how a Linux privilege escalation vulnerability (CVE-2017-7308) that exists on a host system could be exploited. The attack scenario involves an adversary who compromises a website running inside a container. Once the website is compromised, the attacker can use CyberArk's proof-of-concept technique to break containment and attack the host.

Lavi Lazarovitz said,

“In our proof-of-concept attack, the Docker containers’ defense-in-depth strategy temporarily stopped us from escaping to the underlying host. But we expanded the exploit’s payload to include code that manipulated the container’s namespaces and eventually breaking containment.”

Docker has employed several security measures to protect the kernel, which is shared by the container and the host, along with its supporting namespaces and cgroups. Namespaces are an important feature of the Linux kernel that provides a layer of isolation for containers. Cgroups allow the engine to share hardware resources such as memory.

CyberArk described in a write-up which was published earlier this week,

“The exploit finishes by calling the setns syscall, which changes the current process’s namespaces into process 1’s and the host’s namespaces, practically tearing down the namespace walls between container and host and accomplishing a full escape to host.”
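A defender-side check for the state the quote above describes, added here as an example and not taken from CyberArk's write-up: it flags a process that is still in a Docker cgroup but whose `/proc/<pid>/ns` inodes match those of PID 1. The inode numbers, the container ID and the Docker cgroup path heuristic are constructed assumptions.

```python
import os
import re

NS_LINK = re.compile(r"^([a-z_]+):\[(\d+)\]$")
# Namespaces a default container should not share with the host (assumption).
# setns() on a PID namespace only affects children, hence pid_for_children.
ISOLATED = ("mnt", "pid", "pid_for_children", "net", "ipc", "uts")

def parse_ns_link(link):
    """Parse a /proc/<pid>/ns/* symlink target such as 'mnt:[4026531840]'."""
    m = NS_LINK.match(link)
    if not m:
        raise ValueError(f"not a namespace link: {link!r}")
    return m.group(1), int(m.group(2))

def read_namespaces(pid, proc_root="/proc"):
    """Return {entry name: inode} for a live process (root needed for other users' PIDs)."""
    ns_dir = os.path.join(proc_root, str(pid), "ns")
    return {n: parse_ns_link(os.readlink(os.path.join(ns_dir, n)))[1]
            for n in os.listdir(ns_dir)}

def in_container_cgroup(cgroup_text):
    """Heuristic: some line of /proc/<pid>/cgroup has a path under a Docker cgroup."""
    return any("docker" in line.split(":", 2)[-1] for line in cgroup_text.splitlines())

def shared_with_host(proc_ns, host_ns):
    """Namespace entries that should be isolated but match host PID 1's inode."""
    return sorted(t for t in ISOLATED if t in proc_ns and proc_ns[t] == host_ns.get(t))

def audit(procs, host_ns):
    """procs maps pid -> (cgroup text, namespaces); return {pid: shared entries}."""
    hits = {pid: shared_with_host(ns, host_ns)
            for pid, (cg, ns) in procs.items() if in_container_cgroup(cg)}
    return {pid: shared for pid, shared in hits.items() if shared}

# Constructed sample data: inode numbers and container ID are made up.
HOST = {"mnt": 4026531840, "pid": 4026531836, "net": 4026531992,
        "ipc": 4026531839, "uts": 4026531838}
CONTAINED = {"mnt": 4026532256, "pid": 4026532259, "net": 4026532262,
             "ipc": 4026532258, "uts": 4026532257}
CGROUP = "11:pids:/docker/0123abcd\n1:name=systemd:/docker/0123abcd\n"
SAMPLE = {
    4101: (CGROUP, CONTAINED),                                   # still isolated
    4242: (CGROUP, dict(CONTAINED, mnt=HOST["mnt"], net=HOST["net"])),  # joined host ns
    812: ("1:name=systemd:/system.slice/sshd.service\n", HOST),  # ordinary host process
}

if __name__ == "__main__":
    print(audit(SAMPLE, HOST))
```

On a live host, build `procs` from `read_namespaces(pid)` and the contents of `/proc/<pid>/cgroup`, with `read_namespaces(1)` as the baseline. Containers deliberately started with host namespaces (for example `--net=host` or `--pid=host`) will match and need an allowlist.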

Docker, the company behind the container virtualization platform, said,

“Any host system which isn’t fully patched and running containers may become infected no matter the security provisions of the container.”

Docker announced,

“Containers don’t help if the kernel is broken. As is the case with any software, if you haven’t installed security updates for two years, you will be vulnerable.”

Nimrod Stoler said,

“We think that there is more to do to allow better isolation between the container and their hosts.”

According to the report, CyberArk's proof-of-concept code can be applied in the future as vulnerabilities are found in the Linux kernel that allow an escape from the container environment.
