Showing Articles About
kubernetes
William Taylor: Kubernetes famously has a lot of moving parts; clusters can get complicated very quickly and maintaining best security practice can be a challenge. What can make this harder is when good intentions to enhance security backfire and actually introduce risk. This blog looks at observability tools in Kubernetes environments and how the nature of their positioning within a cluster, along with often higher privileges, can expose privilege escalation paths to attackers.
Mohit Gupta: A critical vulnerability in runc (CVE-2024-21626) allows attackers to break out of container filesystems by exploiting a file descriptor leak. The flaw enables setting a container's working directory to the host filesystem, potentially granting unauthorized access to host systems in Kubernetes and containerized environments. Attackers can leverage this vulnerability to access host filesystems, execute malicious code, and potentially compromise multi-tenant Kubernetes clusters.
Golan Myers: This article explores methods of executing arbitrary code in read-only Kubernetes pod file systems. Three techniques are demonstrated for bypassing read-only filesystem restrictions, including using in-memory execution, exploiting /dev/shm, and leveraging dynamic program loaders. The research highlights the complexity of container security and the need for multi-layered defense strategies.
Alex Kaskasoli: A method of attacking Kubernetes clusters by exploiting the default kubelet configuration is detailed in this article. The vulnerability allows anonymous authentication to the kubelet API, enabling attackers to list pods, execute commands in containers, and potentially obtain service account tokens. These tokens can be used to access the kube-apiserver and gain deeper access to the Kubernetes cluster.