Qualys

Blog

Qualys discovers three bypasses of Ubuntu’s unprivileged user namespace restrictions

The Qualys Threat Research Unit (TRU) says it has uncovered three flaws in Ubuntu’s unprivileged user namespace restrictions that could allow a local attacker to gain full administrative capabilities. Linux distributions generally allow unprivileged users to create namespaces that help in creating containers and additional sandboxing functionality for programs such as container runtimes, but that also creates a weak spot.…