There’s a fun buffer overflow problem in the Glibc __vsyslog_internal() function. This one’s a real rollercoaster, because logging vulnerabilities are always scary, but at a first look, it seems ...

RunC is a Docker-created, low-level command-line interface tool that spawns and runs containers based on two Open Container Initiative specifications: the Image Specification and the Runtime ...

A container breakout security flaw found in the runc container runtime allows malicious containers (with minimal user interaction) to overwrite the host runc binary and gain root-level code execution ...

One of the great security fears about containers is that an attacker could infect a container with a malicious program, which could escape and attack the host system. Well, we now have a security hole ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

A security vulnerability in Docker and Kubernetes containers disclosed Monday can be used to go after any host system running containers. The vulnerability allows malicious containers to overwrite the ...

Enterprises have been urged to patch a serious flaw in runc, the default runtime for Docker and Kubernetes, and ensure they have SELinux enabled. Aleksa Sarai — one of the maintainers for runc — made ...

A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks. Runc, a building-block project ...

The Linux community is dealing with another security flaw, with the latest bug impacting the runC container runtime that underpins Docker, cri-o, containerd, and Kubernetes. The bug, dubbed ...