Is my Docker container vulnerable to cgroup controller escape?

/static/assets/linux-logo.svg
Containers that are running in privileged mode may be vulnerable to a privilege escalation and container escape. This TTP attempts to configure a cgroup controller release_agent to execute an arbitrary script as the root user. It is important that containers are not running in privileged mode, as adversaries may establish persistence by modifying mounted files, elevate privileges, and escape the container.
locked
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.

Login

Test this TTP

Download Operator (1.7.0)
Test this TTP using one of our Operator chains
Is my Docker container vulnerable to cgroup controller escapes?

2022-11-08

/static/assets/linux-logo.svg
Escape Docker container via cgroup controller.