If you're running containers, make sure you have SELinux in enforcing mode (the default in RHEL) and patch your nodes. #runcescape
"runc - Malicious container escape - CVE-2019-5736"
BTW, this is another critical security issue successfully mitigated by the default SELinux policies. Looks like @rhatdan was right all along and the initial pain was worth it. 😉
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!