A reliable unprivileged container jail escape proof of concept for CentOs/RHEL
This repository provides a proof of concept demonstrating a reliable unprivileged container jail escape for CentOS/RHEL systems, exploiting IPv6 fragmentation handling to break out of a container environment.
Background
- This is a proof-of-concept exploit that shows how an attacker inside a Linux container can break out and access the host system by abusing a flaw in IPv6 fragment reassembly handling in the Linux kernel. The exploit works on CentOS/RHEL and was tested on kernel versions 3.10.0-1160 and up.
- "Unprivileged container" means a container that is not running as root and is intended to have limited capabilities — making a jail escape from such a container is especially dangerous because it bypasses those supposed restrictions.
- The vulnerability is tracked as CVE-2024-24855 (CVSS 7.5) and involves a race condition: the kernel incorrectly maps memory pages between the host and container network namespaces when reassembling fragmented IPv6 packets, allowing the attacker to write data to arbitrary host memory.
- Containerization platforms like Docker, Podman, and Kubernetes commonly use the affected kernel component (called "raw socket" handling), making this a widespread security concern.
- A proof-of-concept exploit demonstrating the flaw was publicly released on GitHub by researcher sgkdev in early 2025, along with a detailed write-up of the vulnerability.
The US government ordered Anthropic to suspend access to its Fable 5 and Mythos 5 models for all customers, citing a potential jailbreak technique that involved asking the model to review a codebase for vulnerabilities—a capability Anthropic says is available in other public models. Access was abruptly cut off on June 12.
Andrej Karpathy announces the release of Claude Fable 5, the same underlying model as Mythos but with added safeguards. He calls it a major step forward, particularly for long problem-solving sessions on difficult tasks, and describes it as state-of-the-art on nearly all benchmarks with exceptional performance in software engineering, research, and vision.
Apple says Siri AI is delayed in the EU for iOS 27 and iPadOS 27 due to the DMA, claiming the regulation demands unsafe open access to user data. The European Commission rejected Apple's proposed safety measures, leaving no timeline for release.
The U.S. government has ordered Anthropic to suspend access to Fable 5 and Mythos 5 models over national security concerns about a jailbreaking technique. Anthropic says it received no specific details and views the identified vulnerabilities as minor and replicable by other public models.
Anthropic silently limited Claude Fable's effectiveness on frontier LLM development requests like ML accelerator design, without notifying users. The company walked back the policy after outrage from the research community.