This curated record is not a comprehensive list of all vulnerabilities, but focuses on high-impact CVEs relevant to production Kubernetes environments, specifically tracking critical threats highlighted in official Google Kubernetes Engine (GKE) security bulletins.
A race condition in mm/gup.c allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature.
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
Memory corruption in the Linux kernel packet socket (AF_PACKET) allows unprivileged processes to gain root privileges.
A symlink-exchange race condition in runc allows container filesystem breakout via directory traversal.
An integer overflow in fs/seq_file.c buffer allocations leads to an out-of-bounds write and root privilege escalation.
A use-after-free flaw in the Linux kernel cgroup v1 parser allows local privilege escalation and container breakout.
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service.
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length.
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function.
A flaw was found in the way the 'flags' member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values.
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation.
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c.
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root.
A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring.
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root.
In the Linux kernel, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts.
A speculative execution vulnerability (Retbleed) in modern microprocessors allows unprivileged attackers to leak kernel memory.
Io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP.
In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free.
There exists a use-after-free in io_uring in the Linux kernel.
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
Io_uring UAF, Unix SCM garbage collection.
Moby is an open-source project created by Docker to enable and accelerate software containerization.
Privilege escalation in io_uring
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation.
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID.
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
Runc is a CLI tool for spawning and running containers on Linux according to the OCI specification.
Privilege escalation due to use-after-free in kernel TLS
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel.
Privilege escalation due to use-after-free in nf_tables
Privilege escalation due to use-after-free in kernel TLS
Privilege escalation due to use-after-free in kernel TLS
Privilege escalation due to use-after-free in kernel TLS
Privilege escalation due to anonymous set in nf_tables
Privilege escalation due to race condition in nf_tables
Privilege escalation due to use-after-free in nf_tables
Privilege escalation in nft_verdict_init
Unsafe Python Pickle deserialization of ML models
Privilege escalations due to use-after-free in packet processing
Vulnerability in io_uring and SCM_RIGHTS
Out-of-bounds access in eBPF verifier
Privilege escalation due to use-after-free in kernel TLS
Privilege escalation in net/packet / nf_tables
Capabilities inheritance flaw in containerd 1.4
Use-after-free flaw in Qdisc
Bad handling of symlinks in malicious user-supplied image
Privilege escalation in netfilters
Privilege escalation in netfilter
Linux qdisc implementation flaw
Vsock privilege escalation
Local privilege escalation in qdisc
Local privilege escalation in qdisc
ctstate RELATED iptables rule flaw
Operations on net devices during unregister
Local privilege escalation in qdisc
Local privilege escalation in qdisc
Local privilege escalation in qdisc
io_uring ring mapped supplied buffers vulnerability
Use-after-free in HFSC packet scheduling
Use-after-free in HFSC packet scheduling
Race in PRIO qdisc
Use-after-free in Qdisc
Use-after-free in QFQ scheduling
Use-after-free in xfrm interface
Data corruption in Kernel TLS
Use-after-free in net/packet
Use-after-free in vsock
Buffer overflow in Kernel TLS
Data race in AF_ALG socket
Data corruption in IPSec
Use-after-free in IP Virtual Server
Integer underflow in crypto
Data race in GC alive socket receiver queue
Data race deleting tunnel
NULL pointer dereference in authencesn
Use-after-free in teql
Use-after-free in nftables map
Use-after-free in macvlan
Local privilege escalation in AppArmor
Read/write tenant data in shared GPU environments
Use-after-free in nf_tables
Denial of Service due to cleanup failure in nf_tables
Local Denial of Service in netfilter
Use-after-free in af_unix GC
Local privilege escalation in snap-confine and systemd-tmpfiles
Use-after-free via race condition
Use-after-free in netfilter
Data structure mishandling in ipset
Use-after-free in IPv6 stack
Chained attack in AF_ALG + splice syscall
Use-after-free in packet_release via NETDEV_UP race
Use-after-free in tls_do_encryption
Linux bonding device vulnerability leading to container escape
Improper handling of shared socket buffer (skb) fragments during Encapsulating Security Payload (ESP) decryption in the xfrm subsystem in the Linux kernel allows a local user to write to read-only page-cache pages, potentially leading to local privilege escalation.
GhostLock: A use-after-free vulnerability in the Linux kernel rtmutex implementation during futex_requeue operations allows local privilege escalation and container escapes.
DirtyClone: Failure to properly propagate the SKBFL_SHARED_FRAG flag when cloning network packets in the Linux kernel allows local privilege escalation.
Januscape: A use-after-free vulnerability in the KVM shadow MMU code in the Linux kernel allows guest-to-host escape and privilege escalation to root.