all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Azure Serverless Functions escape to host

Add to bookmarks
Dec. 15, 2022, midnight |

The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org

In Azure Serverless Functions, a new container is generated by the host for every function,
which is then terminated and deleted after several minutes. Palo Alto discovered that an
API call was available to bind one path to another within the container (called "init_server_pkg_mount_BindMount")
that could be called by a low-privileged user but executed with root privileges. This could
enable a malicious tenant to escalate their privileges to root, and then escape their container
by abusing the Linux cgroup v1 …

azure escape functions host serverless serverless functions

Visit resource

More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database

Internal Azure Container Registry writable via exposed secret 4 days, 3 hours ago | www.cloudvulndb.org
access apollo azure azure container registry +19
Lethal Injection 1 week, 6 days ago | www.cloudvulndb.org
access amp attackers auth +24
GraphNinja 3 weeks ago | www.cloudvulndb.org
attackers attacks authentication credentials +14
AWS Amplify IAM role publicly assumable exposure 1 month ago | www.cloudvulndb.org
account amplify aws cli +12
AWS Glue database password leakage 1 month, 1 week ago | www.cloudvulndb.org
access aws aws glue can +11
FlowFixation 1 month, 4 weeks ago | www.cloudvulndb.org
airflow amazon apache attack +25
Synapse Analytics privilege escalation via intelligent caching 2 months, 1 week ago | www.cloudvulndb.org
analytics caching context environment +16
Azure Site Recovery privilege escalation 3 months, 1 week ago | www.cloudvulndb.org
access access token account asr +19
Azure HDInsight privilege escalation and DoS vulnerabilities 3 months, 2 weeks ago | www.cloudvulndb.org
apache attacker azure dos +9

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Computer and Forensics Investigator

@ ManTech | 221BQ - Cstmr Site,Springfield,VA
View on infosec-jobs.com

Senior Security Analyst

@ Oracle | United States
View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India
View on infosec-jobs.com