Описание
Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path component-by-component, a shared-mount race can substitute intermediate components and redirect the final target. This issue is fixed in version 0.5.7.
Ссылки
- Patch
- Vendor Advisory
- Not Applicable
- Not Applicable
- Not Applicable
Уязвимые конфигурации
Конфигурация 1Версия до 0.5.7 (исключая)
cpe:2.3:a:youki-dev:youki:*:*:*:*:*:rust:*:*
EPSS
Процентиль: 15%
0.0005
Низкий
10 Critical
CVSS3
Дефекты
CWE-61
Связанные уязвимости
CVSS3: 10
github
3 месяца назад
youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects
EPSS
Процентиль: 15%
0.0005
Низкий
10 Critical
CVSS3
Дефекты
CWE-61