TID-207: Container Escape
Threat Description
Container runtimes and orchestrators such as Docker and Kubernetes isolate workloads with kernel namespaces, cgroups, capabilities and seccomp/LSM profiles, but every container shares the host's kernel. Malicious code that gains execution inside a container can therefore attack the host directly: through vulnerabilities in exposed system calls or kernel subsystems, through flaws in the container runtime or management components, through excessive privileges or sensitive resources shared with the container (added capabilities, host namespaces, bind-mounted host paths or the container engine's socket), or through other misconfigurations of the environment. Any one of these can be enough for a threat actor to escape the container onto the underlying host and then manipulate the host OS, or the applications and data of other containers resident on the same node.
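The misconfiguration class described above is the one a defender can check for before any kernel or runtime bug is needed. The following is an added example, not tooling from the original page or from Docker or Kubernetes: it audits records in `docker inspect` shape (Config.User, HostConfig.Privileged, CapAdd, PidMode, Binds, SecurityOpt) for settings that make escape easier, and decodes the CapEff mask from /proc/<pid>/status so the same check can be run from inside a container. The sample records are constructed, the capability bit numbers are from linux/capability.h, and the list of "sensitive" host paths is an assumption to tune per environment.

```python
"""Audit container configuration for escape-enabling settings: excessive
capabilities, shared host namespaces, sensitive bind mounts and disabled
confinement.  Added example, not code from the original threat page or any
container project.  Input shape follows `docker inspect`; the records at
the bottom are constructed, not captured from a real host.

Usage on a live host:  docker inspect <container> | python3 audit.py
"""
import json
import sys

# Capability bit numbers from linux/capability.h.
CAP_BITS = {
    "CAP_DAC_READ_SEARCH": 2,
    "CAP_NET_ADMIN": 12,
    "CAP_SYS_MODULE": 16,
    "CAP_SYS_RAWIO": 17,
    "CAP_SYS_PTRACE": 19,
    "CAP_SYS_ADMIN": 21,
}
# Capabilities that on their own give a path to host resources (mount,
# module loading, raw device I/O, ptrace of host processes, reading any file).
ESCAPE_CAPS = {"CAP_SYS_ADMIN", "CAP_SYS_MODULE", "CAP_SYS_RAWIO",
               "CAP_SYS_PTRACE", "CAP_DAC_READ_SEARCH"}
# Host paths whose bind-mount effectively hands the container the host
# (assumed list; extend for your environment).
SENSITIVE_HOST_PATHS = ("/var/run/docker.sock", "/run/docker.sock",
                        "/var/lib/docker", "/proc", "/sys", "/dev",
                        "/etc", "/root")


def is_sensitive_mount(host_path):
    """True if host_path is, or lies under, a path that exposes the host."""
    hp = host_path.rstrip("/") or "/"
    if hp == "/":
        return True
    return any(hp == p or hp.startswith(p + "/") for p in SENSITIVE_HOST_PATHS)


def bind_source(spec):
    """Host side of a 'host:container[:opts]' bind; None for named volumes."""
    src = spec.split(":")[0]
    return src if src.startswith("/") else None


def caps_from_status(proc_status_text):
    """Decode CapEff from /proc/<pid>/status into the tracked capability names.
    Run inside a container this shows what the process really holds,
    whatever the launch flags claimed."""
    for line in proc_status_text.splitlines():
        if line.startswith("CapEff:"):
            mask = int(line.split()[1], 16)
            return {name for name, bit in CAP_BITS.items() if (mask >> bit) & 1}
    return set()


def audit_container(record):
    """Return a list of (finding, detail) tuples for one docker inspect record."""
    findings = []
    cfg = record.get("Config") or {}
    hc = record.get("HostConfig") or {}

    user = (cfg.get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        # Root inside the container is the precondition the runc bug needs.
        findings.append(("root-user", "process runs as uid 0 inside the container"))
    if hc.get("Privileged"):
        findings.append(("privileged", "all capabilities, host devices, no seccomp/LSM confinement"))
    for cap in hc.get("CapAdd") or []:
        name = cap.upper() if cap.upper().startswith("CAP_") else "CAP_" + cap.upper()
        if cap.upper() == "ALL" or name in ESCAPE_CAPS:
            findings.append(("cap-add", cap))
    if hc.get("PidMode") == "host":
        findings.append(("pid-host", "host PID namespace shared; host processes visible"))
    for spec in hc.get("Binds") or []:
        src = bind_source(spec)
        if src and is_sensitive_mount(src):
            findings.append(("host-mount", src))
    for opt in hc.get("SecurityOpt") or []:
        if opt.endswith("=unconfined"):
            findings.append(("unconfined", opt))
    return findings


# Constructed sample records (not from a real host).
WEAK = {
    "Name": "/build-agent",
    "Config": {"User": ""},
    "HostConfig": {
        "Privileged": False,
        "CapAdd": ["SYS_ADMIN"],
        "PidMode": "host",
        "Binds": ["/var/run/docker.sock:/var/run/docker.sock", "cache-vol:/cache"],
        "SecurityOpt": ["seccomp=unconfined"],
    },
}
HARDENED = {
    "Name": "/web",
    "Config": {"User": "10001:10001"},
    "HostConfig": {
        "Privileged": False, "CapAdd": None, "CapDrop": ["ALL"], "PidMode": "",
        "Binds": ["/srv/web/static:/usr/share/nginx/html:ro"], "SecurityOpt": None,
    },
}

if __name__ == "__main__":
    # `docker inspect` prints a JSON list; audit each record in it.
    for rec in json.load(sys.stdin):
        for key, detail in audit_container(rec):
            print(f"{rec.get('Name', '?')}: {key}: {detail}")
```

The constructed WEAK record is not privileged, yet it fails on five counts (root user, CAP_SYS_ADMIN, host PID namespace, the engine socket mounted, seccomp disabled); the first three are exactly the preconditions the runc and kernel cases below rely on. A privileged container shows a full CapEff mask (every tracked bit set), while the default Docker capability set decodes to none of the escape capabilities.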
Threat Maturity and Evidence
Known Exploitable Weakness
- ATT&CK Technique: Escape to Host (T1611)
“Adversaries may break out of a container to gain access to the underlying host. This can allow an adversary access to other containerized resources from the host level or to the host itself. In principle, containerized resources should provide a clear separation of application functionality and be isolated from the host environment.”
Proof of Concept
Breaking out of Docker via runC – Explaining CVE-2019-5736
“A vulnerability in runc allows a malicious container to overwrite the host runc binary and thus gain root-level code execution on the host. The level of user interaction is being able to run any command… as root within a container in two possible contexts.”
Crowdstrike: CVE-2022-0185: Kubernetes Container Escape Using Linux Kernel Exploit
“On Jan. 18, 2022, researchers found a heap base buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions.” A threat actor who has code execution inside a pod can then use this namespace bypass and root-level privilege to break out of the container onto the Kubernetes node.
CWE
- CWE-693: Protection Mechanisms Failure (Pillar)
“The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.”
CVE
CVE-2019-5736
“runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.”
CVE-2022-0185
“A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespace CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.”