Количество 19
Количество 19
CVE-2025-31133
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
CVE-2025-31133
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
CVE-2025-31133
runc container escape via "masked path" abuse due to mount race conditions
CVE-2025-31133
runc is a CLI tool for spawning and running containers according to th ...
GHSA-9493-h29p-rfm2
runc container escape via "masked path" abuse due to mount race conditions
BDU:2025-14041
Уязвимость функции maskedPaths инструмента для запуска изолированных контейнеров runc, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
ROS-20251125-13
Уязвимость runc
openSUSE-SU-2025-20072-1
Security update for runc
SUSE-SU-2025:4081-1
Security update for podman
SUSE-SU-2025:4080-1
Security update for podman
SUSE-SU-2025:4079-1
Security update for podman
SUSE-SU-2025:4077-1
Security update for runc
SUSE-SU-2025:4073-2
Security update for runc
SUSE-SU-2025:4073-1
Security update for runc
SUSE-SU-2025:3951-1
Security update for runc
SUSE-SU-2025:3950-1
Security update for runc
ELSA-2025-21232
ELSA-2025-21232: container-tools:rhel8 security update (IMPORTANT)
ELSA-2025-20957
ELSA-2025-20957: runc security update (IMPORTANT)
ELSA-2025-19927
ELSA-2025-19927: runc security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-31133 runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3. | 0% Низкий | 24 дня назад | |
 | CVE-2025-31133 runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3. | 0% Низкий | 24 дня назад | |
 | CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions | 0% Низкий | 22 дня назад | |
| CVE-2025-31133 runc is a CLI tool for spawning and running containers according to th ... | 0% Низкий | 24 дня назад | |
| GHSA-9493-h29p-rfm2 runc container escape via "masked path" abuse due to mount race conditions | 0% Низкий | 26 дней назад | |
 | BDU:2025-14041 Уязвимость функции maskedPaths инструмента для запуска изолированных контейнеров runc, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 8.2 | 0% Низкий | 26 дней назад |
 | ROS-20251125-13 Уязвимость runc | CVSS3: 8.2 | 0% Низкий | 6 дней назад |
 | openSUSE-SU-2025-20072-1 Security update for runc | 11 дней назад | ||
| SUSE-SU-2025:4081-1 Security update for podman | 19 дней назад | ||
| SUSE-SU-2025:4080-1 Security update for podman | 19 дней назад | ||
| SUSE-SU-2025:4079-1 Security update for podman | 19 дней назад | ||
| SUSE-SU-2025:4077-1 Security update for runc | 19 дней назад | ||
| SUSE-SU-2025:4073-2 Security update for runc | 7 дней назад | ||
| SUSE-SU-2025:4073-1 Security update for runc | 19 дней назад | ||
| SUSE-SU-2025:3951-1 Security update for runc | 26 дней назад | ||
| SUSE-SU-2025:3950-1 Security update for runc | 26 дней назад | ||
| ELSA-2025-21232 ELSA-2025-21232: container-tools:rhel8 security update (IMPORTANT) | 14 дней назад | ||
| ELSA-2025-20957 ELSA-2025-20957: runc security update (IMPORTANT) | 6 дней назад | ||
| ELSA-2025-19927 ELSA-2025-19927: runc security update (IMPORTANT) | 24 дня назад |
Уязвимостей на страницу