Lucene search

K

[email protected]NVD:CVE-2023-28642

HistoryMar 29, 2023 - 7:15 p.m.

CVE-2023-28642

2023-03-2919:15:22

CWE-281

CWE-59

[email protected]

web.nvd.nist.gov

1

runc

cli tool

apparmor

symlink bypass

security update

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.

Affected configurations

NVD

Node

linuxfoundationruncRange<1.1.5

References

github.com/opencontainers/runc/pull/3785

github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

Related for NVD:CVE-2023-28642