Red Hat, the world’s leading provider of open source solutions, announced an expansion of its integration product portfolio with new components and capabilities for connecting applications, data and devices across hybrid architectures. The additions are featured in the latest release of Red Hat Integration, and include Red Hat AMQ Online, Red Hat AMQ Streams, new connectors for Red Hat Fuse Online, and end-to-end application programming interface (API) lifecycle support. Building on Red Hat OpenShift Container … More
A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged runC container, allowing the attacker to gain root access on the underlying host system. RunC is the container runtime underneath infrastructure and engines such as Docker, CRI-O, containerd, Kubernetes, etc. About the vulnerability (CVE-2019-5736) CVE-2019-5736 was reported by researchers Adam Iwaniuk and Borys Popławski to runC maintainers, … More
The post RunC container escape flaw enables root access to host system appeared first on Help Net Security.