Hello everyone,
in case you have not already seen/read it yourselves, here [0] FYI
"OOMyPod: Nothin’ To CRI-O-bout"
--> "... Three issues in CRI-O (the default Kubernetes’
container engine for Red Hat’s OpenShift and openSUSE’s Kubic),
combined with an overzealous out-of-memory (OOM) killer in
recent Linux kernels, can enable a partial container escape
for hosts running CRI-O and Kubernetes
...
There’s no need to panic, though. It’s good to note that there
isn’t a generic complete container escape or node takeover path using
these bugs"
--> Patch? "Yes, as of CRI-O version 1.16.1"
Best regards
Bernd
[0]
https://capsule8.com/blog/oomypod-nothin-to-cri-o-bout/
--
Bernd Kohler
IT Center
Department: Networks
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de
Hello everyone,
in case you have not already seen/read it yourselves, here [0] FYI
"Help Test Firefox’s built-in HTML Sanitizer to protect against UXSS bugs"
Best regards
Bernd
[0]
https://blog.mozilla.org/security/2019/12/02/help-test-firefoxs-built-in-ht…
Hello everyone,
in case you have not already seen/read it yourselves, here [0] FYI
"JSRAT – Secret Command & Control Channel Backdoor to Control Victims Machine Using JavaScript"
--> Still not a fan of "No Script" or "uBlock Origin"? ;)
Best regards
Bernd
[0]
https://gbhackers.com/secret-command-control-channel-backdoor/