Описание
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.0.0~rc10-0ubuntu1~18.04.2 |
| devel | released | 1.0.0~rc10-0ubuntu1 |
| disco | ignored | end of life |
| eoan | released | 1.0.0~rc10-0ubuntu1~19.10.2 |
| esm-apps/bionic | released | 1.0.0~rc10-0ubuntu1~18.04.2 |
| esm-apps/xenial | released | 1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4+esm4 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | released | 1.0.0~rc10-0ubuntu1 |
| focal | released | 1.0.0~rc10-0ubuntu1 |
| groovy | released | 1.0.0~rc10-0ubuntu1 |
Показывать по
Ссылки на источники
4.4 Medium
CVSS2
7 High
CVSS3
Связанные уязвимости
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalat ...
4.4 Medium
CVSS2
7 High
CVSS3