• Posts
CVE-2024-21626
• Exploring Hidden Vulnerabilities in Legacy Docker Versions
• Playing with CVE-2024-21626
Reverse Engineering
• Playing with Unicorn framework [1]
Software Development
• Test Driven Development
  • Exercise: Catch and report setUp errors
  • Exercise: Create TestSuite from a TestCase class
  • Exercise: Invoke tearDown even if the test method fails
  • TDD by example

Exploring Hidden Vulnerabilities in Legacy Docker Versions: Lessons from CVE-2024–21626

The content of this article is for educational and research use only. The information provided must not be implemented in a real-world environment, and no responsibility is assumed for any consequences resulting from its application in a real-world scenarios. You are responsible for any risks arising from any behavior not related to the above scope. 1. Introduction 1.1 Why this article? During my analysis about CVE-2024–21626 I discovered some interesting thing in old legacy runc components (that is not mentioned in the security advisory GHSA-xr7r-f8xq-vfvv).

Friday, November 8, 2024 | 5 minutes Read

Playing with CVE-2024-21626

The content of this article is for educational and research use only. The information provided must not be implemented in a real-world environment, and no responsibility is assumed for any consequences resulting from its application in a real-world scenarios. You are responsible for any risks arising from any behavior not related to the above scope. Related Article While investigating CVE-2024–21626, I discovered an overlooked vulnerability in older versions of Docker and runC.

Friday, May 17, 2024 | 17 minutes Read