You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Container/Escaping/cve-list.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,7 +20,7 @@
20
20
21
21
| CVE | Title | Required capabilities | References |
22
22
| --- | --- | --- | --- |
23
-
|[CVE-2022-0185](https://access.redhat.com/security/cve/cve-2022-0185)| A heap-based buffer overflow flaw in the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel | <p>CAP_SYS_ADMIN</p><p>or [unshare(CLONE_NEWNS|CLONE_NEWUSER)](https://man7.org/linux/man-pages/man1/unshare.1.html)</p> | <p>[CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers](https://www.willsroot.io/2022/01/cve-2022-0185.html)</p><p>[CVE-2022-0185 in Linux Kernel Can Allow Container Escape in Kubernetes](https://blog.aquasec.com/cve-2022-0185-linux-kernel-container-escape-in-kubernetes)</p><p>[Demo exploits for CVE-2022-0185](https://github.com/Crusaders-of-Rust/CVE-2022-0185)</p> |
23
+
|[CVE-2022-0185](https://access.redhat.com/security/cve/cve-2022-0185)| A heap-based buffer overflow flaw in the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel | <p>CAP_SYS_ADMIN</p><p>or [unshare(CLONE_NEWNS|CLONE_NEWUSER)](https://man7.org/linux/man-pages/man1/unshare.1.html)</p> | <p>> [CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers](https://www.willsroot.io/2022/01/cve-2022-0185.html)</p><p>> [CVE-2022-0185 in Linux Kernel Can Allow Container Escape in Kubernetes](https://blog.aquasec.com/cve-2022-0185-linux-kernel-container-escape-in-kubernetes)</p><p>> [Demo exploits for CVE-2022-0185](https://github.com/Crusaders-of-Rust/CVE-2022-0185)</p> |
24
24
|[CVE-2021-22555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22555)| A heap out-of-bounds write in Linux Netfilter | CAP_NET_ADMIN |[CVE-2021-22555: Turning \x00\x00 into 10000$](https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html)|
25
25
|[CVE-2021-31440](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31440)| The flaw in handling of eBPF programs leads to escalate privileges | CAP_SYS_MODULE |[CVE-2021-31440: AN INCORRECT BOUNDS CALCULATION IN THE LINUX KERNEL EBPF VERIFIER](https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier)|
26
26
|[CVE-2020-8835](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8835)| The bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory | CAP_SYS_ADMIN |[CVE-2020-8835: LINUX KERNEL PRIVILEGE ESCALATION VIA IMPROPER EBPF PROGRAM VERIFICATION](https://www.zerodayinitiative.com/blog/2020/4/8/cve-2020-8835-linux-kernel-privilege-escalation-via-improper-ebpf-program-verification)|
0 commit comments