u/CryOwn50

▲ 9 r/sre

ibm cloud services impacted after datacenter fire near amsterdam. status page showed no major issues during the outage.

ibm cloud services in AMS3 were reportedly disrupted for 4+ hours on may 7 after a fire at the northc facility in almere. the status page showed no major issues during this time, and users were finding out through downdetector/statusgator first.

separately, aws also had thermal/power issues in us-east-1-az4 that week which impacted coinbase, fanduel, and others for hours.

outages happen. what stood out was how official status pages can lag behind what users are actually experiencing during large incidents.

so what are people here actually using for early signal during incidents? vendor status pages, third-party monitoring, synthetic checks, or slack/reddit/x?

u/CryOwn50 — 3 days ago
▲ 45 r/CLOUDS

The symmetry of the clouds near the mountains mesmerised me

u/CryOwn50 — 3 days ago
▲ 20 r/devsecops+1 crossposts

Docker v29.3.1 dropped in March with a fix for CVE-2026-34040 (CVSS 8.8)

the bug is weird. Docker's middleware strips request bodies over ~1 MB before AuthZ plugins see them but the daemon still processes the full thing. so the plugin evaluates an empty body, approves it, and the daemon runs whatever was actually in the request

the AuthZ plugin and daemon are literally looking at different requests

craft an oversized request, plugin sees nothing suspicious and approves it, daemon executes the full payload with elevated access. could spin up privileged containers, read bind mounted host files, maybe even break out depending on how things are configured

this is supposedly related to CVE-2024-41110 from last year which was "fixed" but apparently not really. i'm starting to think nobody actually tests these patches

mainly a problem if you expose the Docker API over TCP (even internally), run CI/CD that talks to Docker remotely, or lean on AuthZ plugins for access control

check your version:

docker version --format '{{.Server.Version}}'

anything under 29.3.1 has the bug

if your Docker API is network accessible this is one to actually fix rather than add to the backlog and forget about

just ran into this while auditing our infra and would love to hear your thoughts

u/CryOwn50 — 8 days ago
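
A triage helper for the version check in the Docker post above, added here as an example (not the poster's or Docker's code): it compares a server version against the 29.3.1 threshold the post gives and flags a TCP listener or AuthZ plugin found in daemon.json. The sample config, the version string and the plugin name `example-authz` are constructed; listeners set with `-H` on the dockerd command line are not visible to it.

```shell
#!/bin/sh
# Added example, not from the post. FIXED is the fixed release the post names.
FIXED="29.3.1"

# version_lt A B: true when A < B on numeric major.minor.patch.
# A leading "v" and any suffix such as "-rc1" or "+build" are ignored.
version_lt() {
    a=$(printf '%s' "$1" | sed 's/^v//; s/[^0-9.].*$//')
    b=$(printf '%s' "$2" | sed 's/^v//; s/[^0-9.].*$//')
    old_ifs=$IFS; IFS=.
    set -- $a; a1=${1:-0} a2=${2:-0} a3=${3:-0}
    set -- $b; b1=${1:-0} b2=${2:-0} b3=${3:-0}
    IFS=$old_ifs
    if   [ "$a1" -ne "$b1" ]; then [ "$a1" -lt "$b1" ]
    elif [ "$a2" -ne "$b2" ]; then [ "$a2" -lt "$b2" ]
    else [ "$a3" -lt "$b3" ]
    fi
}

# flat CONFIG: daemon.json text with whitespace removed, so multi-line arrays match.
flat() { printf '%s' "$1" | tr -d '[:space:]'; }
has_tcp_listener() { flat "$1" | grep -Eq '"hosts":\[[^]]*"tcp://'; }
has_authz_plugin() { flat "$1" | grep -q '"authorization-plugins":\["'; }

# triage VERSION CONFIG: prints "unknown", "patched", or "vulnerable" followed
# by the exposure factors from the post that are visible in daemon.json.
triage() {
    if [ -z "$1" ]; then echo "unknown"; return; fi
    if ! version_lt "$1" "$FIXED"; then echo "patched"; return; fi
    out="vulnerable"
    if has_tcp_listener "$2"; then out="$out tcp-listener"; fi
    if has_authz_plugin "$2"; then out="$out authz-plugin"; fi
    echo "$out"
}

# Constructed sample daemon.json (the plugin name is a placeholder).
SAMPLE='{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
  "authorization-plugins": [
    "example-authz"
  ]
}'
triage "29.2.0" "$SAMPLE"   # constructed version string
# Live use: triage "$(docker version --format '{{.Server.Version}}')" "$(cat /etc/docker/daemon.json)"
```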