| Layer 2 network security bypass using VLAN 0, LLC/SNAP headers and invalid length |
|
|
|
| Metadata service MITM allows root privilege escalation (EKS / GKE) |
|
|
|
| runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465) |
|
|
|
| Host MITM attack via IPv6 rogue router advertisements (K8S CVE-2020-10749 / Docker CVE-2020-13401 / LXD / WSL2 / ...) |
|
|
|
| Kubernetes man in the middle using LoadBalancer or ExternalIPs (CVE-2020-8554) |
|
|
|
writeups.xyz
/
Etienne Champetier / Champtar