A vulnerability that might have allowed an attacker with access to an Azure Linux container to elevate privileges and take control of the entire cluster has been patched by Microsoft.
The vulnerability, identified as CVE-2022-30137, affects Service Fabric, a Microsoft container orchestrator that manages services across container clusters. Over a million applications are hosted by Service Fabric, according to Microsoft. The security flaw was discovered and disclosed by Palo Alto Networks security experts.
They claim that it can only be exploited on containers that have access to the Service Fabric runtime, which implies access to the log directory. Although the flaw exists in both Linux and Windows clusters, only Linux can be used to exploit it.