Security News

New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers
2022-03-17 05:33

A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host. A lightweight alternative to Docker, CRI-O is a container runtime implementation of the Kubernetes Container Runtime Interface that's used to pull container images from registries and launch an Open Container Initiative-compatible runtime such as runC to spawn and run container processes.

Google almost doubles Linux Kernel, Kubernetes zero-day rewards
2022-02-15 20:38

Google says it bumped up rewards for reports of Linux Kernel, Kubernetes, Google Kubernetes Engine, or kCTF vulnerabilities by adding bigger bonuses for zero-day bugs and exploits using unique exploitation techniques. "We increased our rewards because we recognized that in order to attract the attention of the community we needed to match our rewards to their expectations," Google Vulnerability Matchmaker Eduardo Vela explained.

New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
2022-02-06 19:30

Users of the Argo continuous deployment tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The path-traversal vulnerability "Allows malicious actors to load a Kubernetes Helm Chart YAML file to the vulnerability and 'hop' from their application ecosystem to other applications' data outside of the user's scope," Moshe Zioni, Apiiro's VP of security research, said.

Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers
2022-02-04 18:26

A high-severity security vulnerability in Argo CD can enable attackers to access targets' application-development environments, paving the way for stealing passwords, API keys, tokens and other sensitive information. Argo CD is a continuous-delivery platform deployed as a Kubernetes controller in the cloud, and it's used to deploy applications, then continuously monitor them in real time as they run.

Argo CD vulnerability leaks sensitive info from Kubernetes apps
2022-02-04 15:43

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. Threat actors can exploit the vulnerability by loading a malicious Kubernetes Helm Chart YAML file onto the target system, allowing the extraction of sensitive information from other applications.

Open-source Kubernetes tool Argo CD has a high-severity path traversal flaw: Patch now
2022-02-04 15:22

A zero-day vulnerability in open-source Kubernetes development tool Argo lets malicious people steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart. The vuln, tracked as CVE-2022-24438, exists in Argo CD, a widely used open-source continuous delivery tool for Kubernetes.

Linux kernel bug can let hackers escape Kubernetes containers
2022-01-25 16:56

A vulnerability affecting the Linux kernel, tracked as CVE-2022-0185, can be used to escape containers in Kubernetes, giving access to resources on the host system. CVE-2022-0185 is a heap-based buffer overflow in the "File System Context" Linux kernel component that can lead to an out-of-bounds write, denial of service, and arbitrary code execution.

Big data moving to Kubernetes with speed, complexities arising
2021-12-23 03:30

Pepperdata announced the results of a new survey to gauge the pace at which enterprises are migrating big data applications to Kubernetes containers. Kubernetes is the preferred container orchestration technology for its agility, speed and efficiency for scaling and managing apps and infrastructure.

Are you making good progress with Kubernetes? Cybercriminals are progressing faster
2021-10-06 19:00

If you're congratulating yourself on your progress adopting Kubernetes, just consider that the cybercriminals have been poring over it too. Does your Kubernetes deployment support multiple components and services across multiple nodes, all spawning data, the hijacking of which could bring your operations to a shuddering halt? Great.

Sure, you can do Kubernetes at scale. But can you do it securely too?
2021-10-01 18:00

Doing cloud native at enterprise scale is no mean feat, but doing it securely is the real challenge. Who do you turn to for practical guidance? To help you better understand and navigate the challenges enterprise scale brings, KubeSec Enterprise vSummit will focus on real-world enterprise experience in securing production environments.