Kernel vulnerabilities in cloud-managed environments expose complex security risks that blur traditional isolation assumptions. This session examines a Use-After-Free flaw and reference-counting weaknesses in the Netfilter module affecting Linux kernels used by Azure Cloud Shell. By exploiting transactional flaws and RCU behavior, attackers can elevate privileges within their own Cloud Shell container, enabling root access and limited container escape. While single-tenant hypervisor isolation prevents cross-tenant compromise, these weaknesses still affect user-level cloud resource security. The analysis traces vulnerability root causes, exploitation paths and mitigation strategies, underscoring the need for hardened kernel modules in cloud platforms and the value of proactive vulnerability research.

In this insightful session, Alla Vamsi Krishna, project assistant at Indian Institute of Science, and Kandi Abhishek Reddy, technical lead at Nokia, discuss:

• Netfilter transaction flaws and improper reference counting;
• Exploitation paths to privilege escalation in cloud shells;
• Security boundaries in single-tenant cloud isolation models.