New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers

A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host. "Invocation of CVE-2022-0811 can allow an attacker to perform a variety of actions on objectives, including execution of malware, exfiltration of data, and lateral movement across pods," CrowdStrike
https://thehackernews.com/2022/03/new-vulnerability-in-cri-o-engine-lets.html?utm_source=dlvr.it&utm_medium=blogger