
Container Networking Security Issue (CVE-2020-8558) - talonx
https://aws.amazon.com/security/security-bulletins/AWS-2020-002/
======
floatingatoll
If you use ECS/EKS:

 _Customer action is required, and steps for immediate mitigation are
available at_

[https://github.com/aws/containers-
roadmap/issues/976](https://github.com/aws/containers-roadmap/issues/976)

 _All Amazon ECS and Amazon EKS customers should update to the latest AMI._

~~~
yjftsjthsd-h
However:

> This issue presents no risk of cross-account data access. Processes within a
> container on one host may be able to gain unintended network access to other
> containers on that same host or on other hosts within the same VPC and
> subnet.

It doesn't sound too bad, especially if you're using subnets to separate
things already.

