| Packages | Download |
|---|---|
| rpm | |
| deb | |
| tgz |
| Images |
|---|
docker pull docker.io/falcosecurity/falco:0.29.1
|
docker pull public.ecr.aws/falcosecurity/falco:0.29.1
|
docker pull docker.io/falcosecurity/falco-driver-loader:0.29.1
|
docker pull docker.io/falcosecurity/falco-no-driver:0.29.1
|
Minor Changes
Rule Changes
- rule(list user_known_userfaultfd_processes): list to exclude processes known to use userfaultfd syscall [#1675] - @leodido
- rule(macro consider_userfaultfd_activities): macro to gate the "Unprivileged Delegation of Page Faults Handling to a Userspace Process" rule [#1675] - @leodido
- rule(Unprivileged Delegation of Page Faults Handling to a Userspace Process): new rule to detect successful unprivileged userfaultfd syscalls [#1675] - @leodido
- rule(Linux Kernel Module Injection Detected): adding container info to the output of the rule [#1675] - @leodido
Non user-facing changes
Statistics
| Merged PRs | Number |
|---|---|
| Not user-facing | 2 |
| Release note | 1 |
| Total | 3 |