Hotdog Container Escape
Description
Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Hotdog prior to v1.0.2 fails to apply the target JVM's resource, device, and syscall constraints, letting containers exhaust host resources, modify devices, or bypass syscall filters.
Vulnerability
Hotdog versions prior to v1.0.2 do not properly mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This is a regression from an incomplete fix for CVE-2021-3101 [1]. The affected component is the OCI hook based hot patch solution for Bottlerocket hosts [1].
Exploitation
An attacker already running code inside a container on a Bottlerocket host where Hotdog is installed can exploit this vulnerability. The attacker does not need to run a Java application within the container; they can use the Hotdog hook to launch a process that inherits the privileges of the patching service, bypassing the intended confinement [1]. The exploit does not require user namespaces or non-root users to be disabled [1].
Impact
Successful exploitation allows the attacker to escape the container and gain access to the host. The attacker can exhaust host resources (CPU, memory, disk), modify host devices, or invoke syscalls that would normally be blocked by the container runtime's seccomp profile or other filters [1][2]. This effectively grants the attacker host-level privileges, leading to full host compromise.
Mitigation
AWS released fixed versions on April 19, 2022: Hotdog v1.0.2 is the patched version [1][2]. Users should upgrade to Hotdog v1.0.2 or later. For environments using the log4j-cve-2021-44228-hotpatch package or the kubernetes-log4j-cve-2021-44228-node-agent DaemonSet, upgrade to version 1.1-16 [1]. No workaround is available beyond upgrading.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <1.0.2
- Amazon Web Services/Hotdog, Range: unspecified
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — the mechanics section is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- [1] github.com/bottlerocket-os/hotdog/security/advisories/GHSA-jr96-7frv-3mpj
- [2] unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities
News mentions
No linked articles in our index yet.