Tag

#containers

2 posts tagged #containers.

Field Note · May 28, 2026 · Colten Anderson

NGINX Rift: four places apt upgrade doesn't reach

The host patch for CVE-2026-42945 shipped on day one. The container images, the App Protect WAF in front of it, the downstream forks, and the config audit it leaves behind are separate jobs.
Analysis · May 3, 2026 · Colten Anderson

Copy Fail is a 732-byte root shell. Patch your Linux fleet this week.

CVE-2026-31431 is a deterministic privilege escalation in the Linux kernel affecting versions 4.14 through 6.19. A Python script gives any local user root. Every major distro is affected, containers don't help, and the mitigation is trivial.