Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug
The "hotpatch" released by Amazon Web Services AWS in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. "Aside from containers, unprivileged processes can also exploit the patch...