Search CVE reports



1 – 10 of 16 results


CVE-2025-52881

High priority

Some fixes available 5 of 13

container escape and denial of service due to arbitrary write gadgets and procfs write redirects

3 affected packages

runc, runc-app, runc-stable

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Ignored Ignored Ignored Ignored
runc-app Fixed Fixed Ignored
runc-stable Not in release Not in release Not in release Not in release

CVE-2025-52565

High priority

Some fixes available 5 of 13

container escape with malicious config due to /dev/console mount and related races

3 affected packages

runc, runc-app, runc-stable

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Ignored Ignored Ignored Ignored
runc-app Fixed Fixed Ignored
runc-stable Not in release Not in release Not in release Not in release

CVE-2025-31133

High priority

Some fixes available 5 of 13

container escape via 'masked path' abuse due to mount race conditions

3 affected packages

runc, runc-app, runc-stable

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Ignored Ignored Ignored Ignored
runc-app Fixed Fixed Ignored
runc-stable Not in release Not in release Not in release Not in release

CVE-2024-45310

Low priority
Vulnerable

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations...

2 affected packages

runc, runc-app

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Vulnerable Vulnerable Vulnerable Vulnerable
runc-app Vulnerable Vulnerable Vulnerable

CVE-2024-21626

High priority

Some fixes available 4 of 5

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process...

1 affected package

runc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Not affected Fixed Fixed Fixed

CVE-2023-28642

Medium priority
Fixed

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue...

1 affected package

runc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Fixed Fixed Fixed

CVE-2023-25809

Medium priority
Fixed

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in the following conditions: 1. when runc is...

1 affected package

runc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Fixed Fixed Fixed

CVE-2023-27561

Medium priority
Fixed

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom...

1 affected package

runc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Fixed Fixed Fixed

CVE-2022-29162

Low priority

Some fixes available 5 of 6

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process...

1 affected package

runc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Fixed Fixed Not affected

CVE-2021-43784

Low priority

Some fixes available 1 of 4

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the `C`...

1 affected package

runc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
runc Not affected Not affected Not affected Vulnerable