It was only a matter of time, but the first major security exploit has been found for Kubernetes. Discovered by Rancher Labs co-founder Darren Shepherd, it’s a privilege escalation flaw that is, in the words of Ned Ryerson, a doozy.
Essentially, any user on a node can use an API call to gain admin access to any compute node in a given Kubernetes cluster. To make matters worse, it all looks normal to the cluster, so it doesn’t generate any logs, and it’s very hard to know if it’s been exploited in the wild.
Luckily, patches are available, but only for versions 1.10.11 going forward. Older versions are out of luck, so maybe it’s time to upgrade?
- Time to Patch Kubernetes - December 6, 2018