Impact
With this vulnerability, inter-container communication (ICC) is not disabled on the stardust network. A user inside one container could therefore reach another container's agent, compromising access.
Patches
The problem has been patched in any Stardust build past 12/20/24.
Workarounds
Get a list of containers
ST_CONTAINERS=($(docker ps -a --filter network=stardust --format "{{.ID}}"))
Recreate the network preventing ICC
docker network rm stardust
docker network create --opt "com.docker.network.bridge.enable_icc"="false" stardust
for i in "${ST_CONTAINERS[@]}"; do docker network connect stardust "$i"; done
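To confirm that the recreated network really has ICC turned off, the option can be read back from the output of `docker network inspect`. The script below is an added example, not part of the Stardust advisory or code base; the sample JSON, the container names and the `audit_icc` helper are constructed for illustration.

```python
import json
import sys

ICC_OPTION = "com.docker.network.bridge.enable_icc"

# Constructed sample shaped like `docker network inspect` output (not a real host).
SAMPLE_INSPECT = """
[
  {"Name": "stardust", "Driver": "bridge", "Options": {},
   "Containers": {"a1b2c3": {"Name": "session-one"},
                  "d4e5f6": {"Name": "session-two"}}},
  {"Name": "stardust-fixed", "Driver": "bridge",
   "Options": {"com.docker.network.bridge.enable_icc": "false"},
   "Containers": {"0a0b0c": {"Name": "session-three"}}},
  {"Name": "host", "Driver": "host", "Options": {}, "Containers": {}}
]
"""


def audit_icc(inspect_json):
    """Return one finding per bridge network where ICC is not explicitly off."""
    findings = []
    for net in json.loads(inspect_json):
        if net.get("Driver") != "bridge":
            continue  # enable_icc is a bridge-driver option
        options = net.get("Options") or {}
        value = options.get(ICC_OPTION)
        # A bridge network created without the option allows ICC, so only the
        # explicit "false" that the workaround sets is treated as safe.
        if str(value).strip().lower() == "false":
            continue
        attached = net.get("Containers") or {}
        findings.append({
            "network": net.get("Name"),
            "enable_icc": value,
            "containers": sorted(c.get("Name", cid) for cid, c in attached.items()),
        })
    return findings


if __name__ == "__main__":
    # Pass a file holding `docker network inspect stardust` output, or run
    # with no argument to use the constructed sample above.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_INSPECT
    for finding in audit_icc(data):
        print("ICC not disabled on {network} (enable_icc={enable_icc}): {containers}".format(**finding))
```

An empty result for the stardust network after the workaround means the option was applied; any listed container names are the ones that could still reach each other.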