Cyber Legion: Your Partner in Trusted Business Security

a hand holding a gear wheel and a hand holding a wrench

Our offerings leverage advanced technology and expert knowledge to ensure your business and products are secure against evolving cyber threats while maintaining compliance.

Product Security

We Enhance Your Product Security to Ensure Business Continuity

Consultancy and Advisory

Your Partner in Cyber Resilience — Trusted Remote Security Consultants
See Pricing

Docker cgroups Container Escape

This Metasploit exploit module takes advantage of a Docker image which has either the privileged flag, or SYS_ADMIN Linux capability. If the host kernel is vulnerable, its possible to escape the Docker image and achieve root on the host operating system. A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.   Exploit Files ≈ Packet Storm 

 

More To Explore