Home / Companies / Snyk / Blog / Post Details
Content Deep Dive

Kernel privilege escalation: how Kubernetes container isolation impacts privilege escalation attacks

Blog post from Snyk

Post Details
Company
Date Published
Author
Kamil Potrec
Word Count
3,824
Company Posts That Month
13
Language
English
Hacker News Points
4
Post removed?
No
Summary

In summary, Kubernetes container isolation impacts privilege escalation attacks by layering abstractions that make exploitation harder. The article explores an old issue in the af_packet implementation that received CVE-2017-7308, which is exploitable with the CAP_NET_RAW capability. The authors demonstrate how to exploit this vulnerability in a non-containerized environment and then show how Kubernetes container isolation prevents the exploit from succeeding. They also discuss the use of seccomp as a defense-in-depth control to mitigate this type of attack by filtering system calls and preventing the unshare syscall.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Kubernetes 11 1,285 150 40 +21%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.