Aqua Blog

Sagie Dulce

Sagie Dulce
Security researcher
Bugs Gone Wild: Container (Stack) Clash and CVE-2017-1000253

Bugs Gone Wild: Container (Stack) Clash and CVE-2017-1000253

A “Stack Clash” is a vulnerability in the memory management of several operating systems, including Linux. It can be exploited by attackers to corrupt memory of a privileged process in order to execute arbitrary code.

Continue reading ›
Equifax Breach Hindsight - What If They Used Containers?

Equifax Breach Hindsight - What If They Used Containers?

What are the chances that your name, address and social security number have been stolen? If you are an American citizen, the answer is ‘about 50/50’. The reason, perhaps not surprisingly, is a recent data breach. Records of 143M customers of Equifax, a large credit reporting company, were stolen.

Continue reading ›
Keys, Tokens and Too Much Trust Found in Popular Container Images

Keys, Tokens and Too Much Trust Found in Popular Container Images

This article was originally published in HelpNetSecurity.com

We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far: It is estimated that between 30 to 70 percent of code comes from 3rd party applications. This is why we patch up old libraries and …

Continue reading ›
CVE-2016-9962: Run Container Run

CVE-2016-9962: Run Container Run

RunC Like the Wind

Recently, an interesting vulnerability was discovered (CVE-2016-9962) that enables container escape to the host. The vulnerability stems from a bug found in opencontainers' runc code, which is used by several container engines, including Docker.  

Continue reading ›
Dirty COW Vulnerability: Impact on Containers

Dirty COW Vulnerability: Impact on Containers

There has been plenty of buzz lately regarding an old-new privilege escalation vulnerability, adorably named “Dirty COW” after the Copy-On-Write memory protection in the Linux kernel. The whole thing started roughly eleven years ago, when a kernel developer left a race condition issue opened: “This is an ancient bug …

Continue reading ›