Описание
A flaw was found in nspawn, a container runtime environment within systemd. A local attacker or a process within an nspawn container could exploit this vulnerability by using a specially crafted optional configuration file. This could allow the attacker to escape the container's isolation and execute arbitrary actions on the host system.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 10 | rpm-ostree | Not affected | ||
| Red Hat Enterprise Linux 10 | systemd | Not affected | ||
| Red Hat Enterprise Linux 7 | systemd | Not affected | ||
| Red Hat Enterprise Linux 8 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 8 | systemd | Not affected | ||
| Red Hat Enterprise Linux 9 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 9 | systemd | Not affected | ||
| Red Hat Hardened Images | systemd | Not affected | ||
| Red Hat OpenShift Container Platform 4 | NetworkManager | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
6.4 Medium
CVSS3
Связанные уязвимости
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
In nspawn in systemd 233 through 259 before 260, an escape-to-host act ...
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
EPSS
6.4 Medium
CVSS3