Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
runc container escape via file descriptor overwrite (CVE-2019-5736)
CVE-2019-5736 let malicious containers overwrite the host runc binary and gain root — here's the mechanism, affected versions, and how to remediate it.
Linux cgroups release_agent container escape (CVE-2022-0492)
CVE-2022-0492 lets containers with CAP_SYS_ADMIN escape via cgroup v1's release_agent. Impact, timeline, and concrete remediation steps inside.
containerd-shim abstract Unix socket container escape (CVE-2020-15257)
CVE-2020-15257 let containers sharing a host network namespace abuse containerd-shim's abstract socket API. Here's the impact, fix, and remediation path.
Windows MSHTML Spoofing CVE-2024-43573 Explained
CVE-2024-43573 is a zero-day MSHTML spoofing flaw patched by Microsoft in October 2024. Here is the chain, detection, and why MSHTML keeps biting.
Kubernetes validating admission webhook bypass (CVE-2021-25735)
CVE-2021-25735 let attackers bypass Kubernetes validating admission webhooks on Node objects via a kube-apiserver flaw. Here's the fix and detection path.
Kubernetes kubelet symlink volume mount escape (CVE-2021-25741)
CVE-2021-25741 lets attackers escape subPath volume mounts in Kubernetes kubelet via a symlink race, exposing host files and enabling privilege escalation.
containerd CRI plugin mount escape (CVE-2022-23648)
CVE-2022-23648 let crafted pod volume specs bypass containerd's CRI mount isolation to reach arbitrary host files — versions, severity, and fixes.
Linux AF_PACKET privilege escalation (CVE-2020-14386)
CVE-2020-14386 lets a local attacker with CAP_NET_RAW corrupt Linux kernel heap memory via AF_PACKET and escalate privileges. Here's the fix and impact.
sudo -e/sudoedit privilege escalation bypass (CVE-2019-14287)
CVE-2019-14287 let sudo users bypass "run as any user except root" rules via `sudo -u#-1`, gaining full root. Here's how it worked and how to fix it.
PwnKit polkit pkexec local privilege escalation (CVE-2021-4034)
PwnKit (CVE-2021-4034) is a 12-year-old polkit pkexec flaw giving any local user instant root on most Linux distros. Here's the full breakdown and fix.
zlib heap buffer overflow via crafted input (CVE-2022-37434)
CVE-2022-37434: a heap buffer overflow in zlib's gzip header parsing. Affected versions, CVSS/EPSS/KEV context, timeline, and how to remediate it.
libwebp animated WebP overflow (CVE-2023-5129)
CVE-2023-5129 exposed a critical libwebp heap overflow, then got rejected as a duplicate of CVE-2023-4863 — leaving two CVE trails for one flaw.