Lucene search
OracleLinuxELSA-2023-6380HistoryNov 11, 2023 - 12:00 a.m.
runc security update
2023-11-1100:00:00
linux.oracle.com
9
runc security updates
versions
cves
related issues
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.8 High
AI Score
Confidence
High
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.6%
[4:1.1.9-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.9
- Related: #2176063
[4:1.1.8-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.8
- Related: #2176063
[4:1.1.7-2] - rebuild for following CVEs:
CVE-2021-43784 CVE-2022-41724 CVE-2023-28642 - Resolves: #2033659
- Resolves: #2179973
- Resolves: #2183103
[4:1.1.7-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.7
- Related: #2176063
[4:1.1.6-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.6
- Related: #2176063
[4:1.1.5-2] - runc 1.1.5 resolves CVE-2023-25809 and CVE-2023-27561
- Resolves: #2176110
- Resolves: #2183098
[4:1.1.5-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.5
- Related: #2176063
[4:1.1.4-2] - rebuild
- Resolves: #2102995
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | runc | < 1.1.9-1.el9 | runc-1.1.9-1.el9.src.rpm |
| oracle linux | 9 | aarch64 | runc | < 1.1.9-1.el9 | runc-1.1.9-1.el9.aarch64.rpm |
| oracle linux | 9 | src | runc | < 1.1.9-1.el9 | runc-1.1.9-1.el9.src.rpm |
| oracle linux | 9 | x86_64 | runc | < 1.1.9-1.el9 | runc-1.1.9-1.el9.x86_64.rpm |
Related
nessus
nessus
Oracle Linux 9 : runc (ELSA-2023-6380)
2023-11-16 00:00:00
RHEL 9 : runc (RHSA-2023:6380)
2023-11-07 00:00:00
CentOS 9 : runc-1.1.7-2.el9
2024-02-29 00:00:00
osv
osv
Moderate: runc security update
2023-11-07 00:00:00
runc vulnerabilities
2023-05-18 10:03:59
runc vulnerabilities
2023-05-23 14:07:29
almalinux
almalinux
Moderate: runc security update
2023-11-07 00:00:00
Moderate: container-tools:4.0 security and bug fix update
2023-11-14 00:00:00
Moderate: container-tools:rhel8 security and bug fix update
2023-11-14 00:00:00
redhat
redhat
(RHSA-2023:6380) Moderate: runc security update
2023-11-07 06:03:35
(RHSA-2023:3303) Moderate: OpenShift Container Platform 4.13.1 packages and security update
2023-05-30 20:18:26
(RHSA-2023:6938) Moderate: container-tools:4.0 security and bug fix update
2023-11-14 08:40:57
oraclelinux
oraclelinux
buildah security update
2023-07-19 00:00:00
aardvark-dns security update
2023-07-19 00:00:00
container-tools:4.0 security and bug fix update
2023-11-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package runc version 1.1.5-alt1
2023-04-20 00:00:00
Security fix for the ALT Linux 10 package runc version 1.0.3-alt1
2021-12-17 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6088-1)
2023-05-19 00:00:00
Ubuntu: Security Advisory (USN-6088-2)
2023-05-24 00:00:00
Mageia: Security Advisory (MGASA-2023-0125)
2023-04-07 00:00:00
ubuntu
ubuntu
runC vulnerabilities
2023-05-18 00:00:00
runC vulnerabilities
2023-05-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2209
2023-08-08 07:51:13
mageia
mageia
Updated opencontainers-runc packages fix security vulnerability
2023-04-07 00:20:12
Updated opencontainers-runc packages fix security vulnerability
2021-12-11 01:19:07
ibm
ibm
Security Bulletin: IBM Cloud Kubernetes Service is affected by two containerd security vulnerabilities (CVE-2023-28642) (CVE-2023-27561)
2023-06-12 12:41:31
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:22:48
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:23:24
github
github
redos
redos
ROS-20231031-01
2023-10-31 00:00:00
photon
photon
cve
cve
cbl_mariner
cbl_mariner
CVE-2021-43784 affecting package moby-runc 1.0.0~rc95+azure-2
2022-04-09 06:51:55
CVE-2023-25809 affecting package moby-runc 1.1.2-11
2023-05-03 16:08:49
CVE-2023-28642 affecting package moby-runc 1.1.2+azure-4
2023-04-20 19:17:28
debian
debian
[SECURITY] [DLA 2841-1] runc security update
2021-12-06 22:43:22
[SECURITY] [DLA 3735-1] runc security update
2024-02-19 02:28:00
prion
prion
Design/Logic Flaw
2023-03-29 19:15:00
Integer overflow
2021-12-06 18:15:00
Design/Logic Flaw
2023-03-29 19:15:00
veracode
veracode
Improper Preservation Of Permissions
2023-04-04 07:34:38
Integer Overflow
2021-12-07 12:10:19
Improper Access Control
2023-04-05 08:16:22
redhatcve
redhatcve
suse
suse
Security update for runc (moderate)
2021-12-23 00:00:00
Security update for runc (moderate)
2021-12-26 00:00:00
alpinelinux
alpinelinux
ubuntucve
ubuntucve
cgr
cgr
CVE-2023-28642 vulnerabilities
2024-04-27 03:20:18
CVE-2023-25809 vulnerabilities
2024-04-27 03:20:18
CVE-2023-27561 vulnerabilities
2024-04-27 03:20:18
debiancve
debiancve
wolfi
wolfi
CVE-2023-25809 vulnerabilities
2024-04-27 03:16:47
CVE-2023-28642 vulnerabilities
2024-04-27 03:16:47
CVE-2023-27561 vulnerabilities
2024-04-27 03:16:47
fedora
fedora
[SECURITY] Fedora 38 Update: runc-1.1.6-1.fc38
2023-04-21 02:09:44
[SECURITY] Fedora 37 Update: runc-1.1.6-1.fc37
2023-04-21 02:11:21
[SECURITY] Fedora 36 Update: runc-1.1.6-1.fc36
2023-04-21 01:25:12
rocky
rocky
go-toolset:Rocky Linux8 security and bug fix update
2023-05-18 19:17:56
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.8 High
AI Score
Confidence
High
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.6%
Related for ELSA-2023-6380