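# KubeArmor is open source software that enables you to protect your cloud
# workload at run-time.
# To learn more about KubeArmor visit:
# https://www.accuknox.com/kubearmor/
#
# Purpose: runtime mitigation for CVE-2022-0185. The rule below denies use of
# the sys_admin capability (CAP_SYS_ADMIN) in the selected pods and raises an
# alert carrying `message` and `tags` when it matches.
#
# Operational notes:
# - This is a mitigation, not a fix: the node kernel still needs the vendor
#   patch for CVE-2022-0185.
# - `action: Block` only denies the operation where KubeArmor has a working
#   enforcer on the node. NOTE(review): confirm that the enforcer in use
#   supports capability rules, otherwise expect alerts without blocking.
# - Workloads that legitimately need sys_admin (for example to mount
#   filesystems) will fail under this policy. Roll out with `action: Audit`
#   first and review the alerts before switching to Block.
# - The policy covers only pods in `metadata.namespace` that carry the
#   selector label. A label mismatch leaves the workload unprotected without
#   any error, so verify the match after applying.
# - NOTE(review): verify that the rule also covers capability use inside a
#   user namespace created by the workload. A seccomp profile (for example
#   RuntimeDefault) is a complementary control.
---
apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
  name: ksp-cve-2022-0185-block-container-escape
  namespace: default  # change the namespace to match your deployment
spec:
  tags: ["CVE", "K8s", "CVE-2022-0185", "Privilege Escalation", "Heap Overflow"]
  message: "Alert! Privileged functions invoked, possible exploitation of CVE-2022-0185 "
  selector:
    matchLabels:
      app: ubuntu-pod  # change `app: ubuntu-pod` to your workload's label
  capabilities:
    # Severity reported with alerts generated by this capability rule.
    severity: 8
    matchCapabilities:
      - capability: sys_admin
  # The only rule section in this policy is `capabilities`, so the action
  # applies to the sys_admin rule above.
  action: Block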