TF 0365 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
# hostPath volume mounted with docker.sock
Property | Value |
---|---|
Language | |
Severity | |
Vulnerability Type | misconfiguration |
## Description
Mounting the host's /var/run/docker.sock into a container using a hostPath volume gives the container direct access to the Docker daemon, effectively granting it root-level control over the host system.
## Impact
If exploited, this allows an attacker who has compromised the container to control the Docker daemon on the host: launching new privileged containers, modifying existing ones, or taking full control of the host, leading to complete compromise of the environment.
## Resolution
Do not specify /var/run/docker.sock in 'spec.template.volumes.hostPath.path'.
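As an added example (not part of this database entry), the following check walks a Kubernetes workload manifest and reports any hostPath volume that exposes the Docker socket. The manifests are constructed samples; the check also flags a hostPath of the socket's parent directory (/var/run or /run), which exposes the socket just the same and goes beyond the single path named above.

```python
"""Detect hostPath volumes that expose the host Docker socket to a container."""
import posixpath
from typing import Any

# Constructed sample: Deployment that mounts the host's docker.sock (vulnerable).
VULNERABLE_DEPLOYMENT: dict[str, Any] = {
    "apiVersion": "apps/v1", "kind": "Deployment",
    "metadata": {"name": "ci-runner"},
    "spec": {"template": {"spec": {
        "containers": [{"name": "runner", "image": "example/runner:1.0",
                        "volumeMounts": [{"name": "dockersock",
                                          "mountPath": "/var/run/docker.sock"}]}],
        "volumes": [{"name": "dockersock",
                     "hostPath": {"path": "/var/run/docker.sock"}}],
    }}},
}

# Constructed sample: same workload with the socket mount replaced by an emptyDir.
FIXED_DEPLOYMENT: dict[str, Any] = {
    "apiVersion": "apps/v1", "kind": "Deployment",
    "metadata": {"name": "ci-runner"},
    "spec": {"template": {"spec": {
        "containers": [{"name": "runner", "image": "example/runner:1.0",
                        "volumeMounts": [{"name": "work", "mountPath": "/work"}]}],
        "volumes": [{"name": "work", "emptyDir": {}}],
    }}},
}

# Paths whose hostPath mount hands the container the Docker daemon socket.
SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}
PARENT_DIRS = {"/var/run", "/run", "/var", "/"}


def pod_spec(manifest: dict[str, Any]) -> dict[str, Any]:
    """Return the pod spec for a bare Pod or a templated workload (Deployment etc.)."""
    spec = manifest.get("spec", {})
    return spec if manifest.get("kind") == "Pod" else spec.get("template", {}).get("spec", {})


def find_docker_socket_mounts(manifest: dict[str, Any]) -> list[str]:
    """Return '<volume>: <path>' for each hostPath volume exposing the Docker socket."""
    findings = []
    for volume in pod_spec(manifest).get("volumes") or []:
        host_path = volume.get("hostPath")
        if not host_path or "path" not in host_path:
            continue
        path = posixpath.normpath(host_path["path"])  # collapses '//' and trailing '/'
        if path in SOCKET_PATHS or path in PARENT_DIRS:
            findings.append(f"{volume.get('name')}: {path}")
    return findings
```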