Уязвимость компонента libcontainer/rootfs_linux.go инструмента для запуска изолированных контейнеров Runc, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

runc through 1.1.4 has Incorrect Access Control leading to Escalation ...

Opencontainers runc Incorrect Authorization vulnerability

Security update for runc

Security update for runc

ELSA-2023-12579: aardvark-dns security update (IMPORTANT)

ELSA-2023-12578: buildah security update (IMPORTANT)

ELSA-2023-6380: runc security update (MODERATE)

ELSA-2023-6938: container-tools:4.0 security and bug fix update (MODERATE)

ELSA-2023-6939: container-tools:ol8 security and bug fix update (MODERATE)