Dirty Sock: CVE-2019-7304

Today, Chris Moberly blogged about his local privilege escalation bug in Ubuntu Linux, CVE-2019-7304, a.k.a. the “Dirty Sock” exploit (ew). This affects snapd, which is installed on Ubuntu 16.04.4 LTS …

A Brief Review of CVE-2019-5736: runc Container Breakout

A group of researchers yesterday announced CVE-2019-5736, a runc container breakout affecting container tools including Docker, Kubernetes, and containerd. Why it matters: Because many people run containers as “root,” the …