An infosec bod has documented a remote-code execution flaw in Alpine Linux, a distro that pops up a lot in Docker containers. Max Justicz, researcher and creator of crowd-sourced bug bounty system Bountygraph, said on Thursday that the vulnerability could be exploited by someone with man-in-the-middle (MITM) network access, or …

  1. ibmalone

    Rotten code in a container can only get more rotten

    Surströmming (technically not rotten...)

    1. Anonymous Coward

      Re: Rotten code in a container can only get more rotten

      Well, if you want rotten, your best bet is Hákarl.

      Ah, those wacky Nordics with their spoiled food...

      Takes a bite of a pickle, washes it down with some kefir.

  2. Updraft102

    I know this IoT thing is getting out of hand, but Linux in trousers? Seems a bit excessive. <g>

    1. Hero Protagonist

      As Wallace found out the hard way...

  3. streaky
    Black Helicopters

    During build

    So not actually that dangerous after all.

    Speaking as somebody who builds a lot of Docker images, I never really got the attraction to Alpine - yeah, it's smaller, but layers render the whole thing moot; you could hide a full Windows install behind layers and nobody would really care - YOUR layer might only be a few MB, that's the power of containers.

    Seriously though, not convinced by the dangerous thing, it's bordering on the targeted-by-a-state-actor level - at which point you have bigger problems - and easy to fix.

  4. Anonymous Coward

    any CVE?

    Is there a CVE number with this?


    1. diodesign (Written by Reg staff) Silver badge

      Re: any CVE?

      Not that we're aware of.


