2 matches found
CVE-2019-10144
rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are given all capabilities during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...
CVE-2019-10144
CVE-2019-10144 affects rkt up to version 1.30.0. In containers started with rkt enter, processes are granted all capabilities during stage 2, which could allow compromised containers to access host resources. The connected documents confirm the root cause is lack of isolation in this scenario and...