E-Ink News Daily

Back to list

ipv6_frag_escape: Linux LPE - Reliable Jail/Container Escape

This repository details a reliable unprivileged container escape proof-of-concept for CentOS/RHEL 10, exploiting a fixed IPv6 fragmentation bug in the Linux kernel. The attack chain allows an attacker to escalate from an isolated container to a root shell on the host system by leveraging an in-slab linear overflow.

Background

Container isolation relies heavily on kernel security features; however, kernel vulnerabilities can sometimes allow processes to break out of these boundaries. This specific exploit targets the networking stack within the kernel to achieve privilege escalation.

Source
Lobsters
Published
Jun 30, 2026 at 01:01 AM
Score
8.0 / 10