Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.
References
Link | Resource |
---|---|
https://github.com/bottlerocket-os/hotdog/security/advisories/GHSA-qfhv-c5cc-mhgp | Third Party Advisory |
https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: palo_alto
Published: 2022-04-19T00:00:00
Updated: 2022-04-19T22:15:21
Reserved: 2021-01-07T00:00:00
Link: CVE-2021-3101
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-19T23:15:13.107
Modified: 2022-10-25T19:30:10.573
Link: CVE-2021-3101
JSON object: View
Redhat Information
No data.