New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container

Details have emerged concerning a now-patched high-severity vulnerability in the Linux kernel, which could be exploited to escape a container and execute arbitrary instructions on the container host.

The flaw is in a Linux kernel feature called control groups, which allows programmes to be arranged into hierarchical groups, allowing for the limitation and monitoring of resources such as CPU, memory, disc I/O, and network.