To conclude the tale of CVE-2023-2163 here is the exploit github.com/google/securit… Thanks again @chompie1337 for her amazing RCA and her other ebpf research @meadori For his amazing engineering feedback and also amazing help with RCA @scannell_simon For his original research!
I could say more thank you words for these three amazing people, but my gratitude does not fit in a single tweet :)
@thatjiaozi Nice exploit! One quick question, there's a mention in the README of it being useful for container escape, is there a version of the PoC around that could be used to demonstrate that?
@thatjiaozi @chompie1337 @meadori @scannell_simon Well, great PoC, thank you to the team behind it. I would recommand to read it, the CVE report and the commit to understand it more. 1/2
@thatjiaozi @chompie1337 @meadori @scannell_simon Do we have a patch for CVE-2023-2163 ????