Link Search Menu Expand Document

Container Breakout Vulnerabilities

A list of CVEs in the various parts of the container stack that could allow for unauthorised access to host resources (e.g. filesystem, network stack) from a container.

With Linux issues it can be a bit tricky to say if they’re container escapes or not so generally looking at ones where container escape has been demonstrated.

Linux CVEs

  • CVE-2022-0847 - a.k.a DirtyPipe. Vulnerability allows for overwrite of files that should be read-only. Basic container information here, full container breakout PoC writeup here and code here
  • CVE-2022-0492. Vulnerability in cgroup handling can allow for container breakout depending on isolation layers in place. Container breakout details here
  • CVE-2022-0185 - Local privilege escalation, needs CAP_SYS_ADMIN either at the host level or in a user namespace
  • CVE-2021-31440 - eBPF incorrect bounds calculation allows for privesc.
  • CVE-2021-22555 - Linux LPE used to break out of Kubernetes pod by the researcher
  • CVE-2017-1000112 - memory corruption in UFO packets.
  • CVE-2016-5195 - (a.k.a ‘dirty CoW’) - race condition leading to incorrect handling of Copy on Write.
  • CVE-2017-5123 - vulnerability in the WaitID syscall.

runc CVEs

  • CVE-2021-30465 - race condition when mounting volumes into a container allows for host access.
  • CVE-2019-5736 - overwrite runc binary on the host system at container start.
  • CVE-2016-9962 - access to a host file descriptor allows for breakout.

Containerd CVEs

  • CVE-2022-23648 - Vuln in volume mounting allows for arbitrary file read from the underlying host, leading to likely indirect container breakout. PoC exploit here


  • CVE-2022-0811 - Vulnerability in setting sysctls in k8s/OpenShift manifests allows for container breakout. Linked post has full PoC details.

Docker CVEs

  • CVE-2021-21284 - When using user namespaces, a user with some access to the host filesystem can modify files which they should not have access to.

Kubernetes CVES

  • CVE-2021-25741 - race condition in when using hostPath volumes allows for privileged access to host filesystem
  • CVE-2021-25737 - unauthorized access to host network stack by using endpoint slices
  • CVE-2017-1002101 - subpath volume mount handling allows arbitrary file access in host filesystem
  • CVE-2017-1002102 - Arbitrary deletion of files on the host possible when using some Kubernetes volume types