According to research conducted by CrowdStrike, a significant vulnerability is present within the CRI-O container engine for Kubernetes that would-be attackers can exploit to escape the container and gain root access to the host.
The vulnerability, CVE-2022-0811, has a CVSS score of 8.8. It exists because kernel parameters passed to the pinns utility were not validated. It has been present since CRI-O version 1.19, when sysctl support was introduced to the container engine.
This security hole is called cr8escape, and cybercriminals can use it to escape the Kubernetes container, gain access to the host, or move anywhere in the cluster.
CRI-O Engine Vulnerability
The security hole present in the CRI-O engine might be used for data exfiltration and lateral movement across pods. Since many platforms use the CRI-O engine by default, the security issue raises significant concerns.
Cybercriminals can exploit the system with ease. Fortunately, the security flaw was resolved in CRI-O versions 1.22.3, 1.21.6, 1.20.7, and 1.19.6. Users are encouraged to update their CRI-O engines right away to prevent further malware attacks.
Where an update is not possible, a downgrade to CRI-O version 1.18 or older can also prevent exploitation. However, this is not advised, since old versions have other vulnerabilities. Some recommended mitigation steps to block pods that contain sysctl settings include:
- Blocking values containing “+” or “=”
- Blocking all sysctls
- Employing a pinns wrapper to strip the “-s” option (it prevents pods from altering kernel parameters)
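The first two mitigations can be checked against manifests before they reach the cluster. The following is an added example, not code from CrowdStrike or the CRI-O project: it flags pod-level sysctls whose name or value contains “+” or “=”, or any sysctl at all when `block_all` is set. The function names and the sample manifests are constructed for illustration, and only bare Pods and workloads with a `spec.template` are handled.

```python
import json

BLOCKED_CHARS = ("+", "=")  # the two characters the mitigation list says to block

# Constructed sample manifests (not taken from any real cluster).
SAMPLES = json.loads("""[
  {"kind": "Pod", "metadata": {"name": "clean"}, "spec": {"securityContext":
    {"sysctls": [{"name": "net.ipv4.ip_unprivileged_port_start", "value": "1024"}]}}},
  {"kind": "Deployment", "metadata": {"name": "suspect"}, "spec": {"template": {"spec":
    {"securityContext": {"sysctls": [{"name": "net.ipv4.ip_local_port_range",
                                      "value": "1024+placeholder=1"}]}}}}},
  {"kind": "Pod", "metadata": {"name": "no-sysctls"}, "spec": {"containers": []}}
]""")


def pod_spec_of(manifest):
    """Return the pod spec of a Pod, or of a workload's pod template."""
    spec = manifest.get("spec") or {}
    template = spec.get("template")
    if isinstance(template, dict):      # Deployment, DaemonSet, Job, ...
        return template.get("spec") or {}
    return spec                         # bare Pod


def sysctl_findings(manifest, block_all=False):
    """List the reasons to reject a manifest; an empty list means it passes."""
    ctx = pod_spec_of(manifest).get("securityContext") or {}
    findings = []
    for entry in ctx.get("sysctls") or []:
        name = str(entry.get("name", ""))
        value = str(entry.get("value", ""))
        if block_all:                   # strictest policy: no sysctls at all
            findings.append(f"sysctl {name!r} is set (all sysctls blocked)")
            continue
        bad = [c for c in BLOCKED_CHARS if c in name or c in value]
        if bad:
            findings.append(f"sysctl {name!r} contains {''.join(bad)!r}")
    return findings


if __name__ == "__main__":
    for m in SAMPLES:
        result = sysctl_findings(m)
        print(m["metadata"]["name"], "REJECT" if result else "ok", result)
```
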
What You Can Do To Strengthen Your Cybersecurity
The new vulnerability in the CRI-O engine speaks for itself. No matter how well software or hardware is designed, it will always have flaws. Keeping everything on your PC up to date is essential in preventing bad actors from targeting your data.
However, new updates can just as well introduce unknown vulnerabilities. Because of this, PC users should take some extra steps to ensure that their cybersecurity remains solid and effective. Here are some additional tips on how you can keep your data safe online:
Use a VPN
Whether you use a USA VPN or a European VPN, they all work the same. A VPN encrypts your online data, replacing your IP address with another. Any would-be attacker won’t be able to find out your real IP.
With a VPN, you gain more than just security and privacy. You can avoid trackers, and what you search online is hidden from both your internet provider and even the government if need be.
You can also use a VPN to change your geo-location entirely. Not only will this throw cyberattackers into confusion, but it will also let you gain access to geo-restricted content. For example, when you encounter a restricted video in your country, you can use a VPN to change your location and access it.
And there are plenty of other ways you can use a VPN, not just for cybersecurity issues. You just have to use your imagination and give it a shot! When traveling, you can use your VPN to access public WiFi without worrying about how secure the connection is.
Have a Premium Antivirus
With an antivirus, you can keep all your systems in check. The antivirus will let you know what programs are outdated, what vulnerabilities your PC faces, and more. Antiviruses have the advantage of being regularly updated to combat the newest threats.
VPNs are also so popular in cybersecurity that some antiviruses have implemented their own VPN features, but they aren’t as good as direct VPN providers.
Don’t Use Administrator Privileges
When a computer gets infected with malware or a virus, the malicious code runs with the same privileges you had when the PC was infected. When the user is logged in with Administrator privileges, the infection can wreak havoc on your PC.
That is why it is a good idea to create a user profile on your PC with fewer privileges. You can always switch back to Administrator mode to make complex changes to your PC when needed. And as a final tip, avoid downloading pirated files and clicking on suspicious links. Don’t take your security for granted!