We are running Flatcar in Azure for a Kubernetes installation.
nodeInfo:
architecture: amd64
bootID: <snip>
containerRuntimeVersion: containerd://1.5.7
kernelVersion: 5.10.93-flatcar
kubeProxyVersion: v1.20.11
kubeletVersion: v1.20.11
machineID: fa33a5f155fa43de933e4074087128dd
operatingSystem: linux
osImage: <snip>
systemUUID: <snip>
% k exec -ti ubutest2 -- /bin/bash
root@ubutest2:/# which pscap
/usr/bin/pscap
root@ubutest2:/# pscap -a
ppid pid name command capabilities
0 1 root bash chown, dac_override, fowner, fsetid, kill, setgid, setuid, setpcap, net_bind_service, net_raw, sys_chroot, mknod, audit_write, setfcap
0 290 root bash chown, dac_override, fowner, fsetid, kill, setgid, setuid, setpcap, net_bind_service, net_raw, sys_chroot, mknod, audit_write, setfcap
root@ubutest2:/# unshare -r
# id
uid=0(root) gid=0(root) groups=0(root)
# pscap -a
ppid pid name command capabilities
0 1 root bash chown, dac_override, fowner, fsetid, kill, setgid, setuid, setpcap, net_bind_service, net_raw, sys_chroot, mknod, audit_write, setfcap
0 290 root bash chown, dac_override, fowner, fsetid, kill, setgid, setuid, setpcap, net_bind_service, net_raw, sys_chroot, mknod, audit_write, setfcap
290 301 root sh full
#
(For clarity, this is an ubuntu container that I've installed pscap into already)
Am I not understanding the process here, or is the above test not valid for proving the vulnerability is there and exploitable? My goal is to just make sure that this CVE is addressed for 3033.2.1
Thanks,
Justin