Think of it this way: what if the author had titled it "Escaping Ubuntu containers" ?

"Ubuntu container" is just not a name typically used for anything. "Docker container" is.

Let's make it realistic and say he had used RedHat OpenShift as his target and example for the exploit. I'd be completely fine with the title referencing that exact product by name.

Why would he have to dance around what he is using in his demo? Maybe that concrete product has multiple layers of security or lacks them, or uses a certain version etc. He can only speak to what he himself was using and testing. "Escaping Docker container..." is the best short description (as you would need it for a title) of this demo exploit I can think of.

Why? The article demonstrates exploitation of Docker containers.

Yeah, but is it limited to Docker containers? Can other container types be attacked in the same way?

It is a reasonable _assumption_ that other container runtimes on linux might be affected by the same kernel bug. The article does not explore that and the author has no duty to do so just to avoid using a branded technology name.

How would you reasonably talk about "Linux containers" without having a very exhaustive list of all existing implementations and testing all of them? If one of them is not affected you are now factually wrong.

The exploit overwrites kernel memory credentials of a task structure. That structure is the lynchpin of kernel security, including SELinux.

Sure, you can write an article demonstrating exploitation of Ubuntu containers and call it "Escaping Ubuntu containers".

The former part was exactly what was done.