Lucene search
OracleLinuxELSA-2024-0670HistoryFeb 05, 2024 - 12:00 a.m.
runc security update
2024-02-0500:00:00
linux.oracle.com
9
update
security
cves
jira
rhel-2112
rhel-2792
rhel-7454
container-selinux
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.051 Low
EPSS
Percentile
92.9%
[4:1.1.12-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.12
- Related: RHEL-2112
[4:1.1.11-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.11
- Related: RHEL-2112
[4:1.1.10-3] - Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409
- Related: Jira:RHEL-2792
- Related: Jira:RHEL-7454
[4:1.1.10-2] - require container-selinux >= 2.224.0 for dmz feature
- Related: Jira:RHEL-2112
[4:1.1.10-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.10
- Related: RHEL-2112
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | runc | <Â 1.1.12-1.el9_3 | runc-1.1.12-1.el9_3.src.rpm |
| oracle linux | 9 | aarch64 | runc | <Â 1.1.12-1.el9_3 | runc-1.1.12-1.el9_3.aarch64.rpm |
| oracle linux | 9 | src | runc | <Â 1.1.12-1.el9_3 | runc-1.1.12-1.el9_3.src.rpm |
| oracle linux | 9 | x86_64 | runc | <Â 1.1.12-1.el9_3 | runc-1.1.12-1.el9_3.x86_64.rpm |
Related
nessus
nessus
EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-1234)
2024-03-12 00:00:00
AlmaLinux 9 : runc (ALSA-2024:0670)
2024-02-07 00:00:00
Fedora 39 : runc (2024-900dc7f6ff)
2024-02-06 00:00:00
redos
redos
ROS-20240410-18
2024-04-10 00:00:00
kaspersky
kaspersky
KLA64657 PE vulnerability in Microsoft Azure
2024-02-28 00:00:00
KLA64658 PE vulnerability in Microsoft Mariner
2024-02-28 00:00:00
packetstorm
packetstorm
runc 1.1.11 File Descriptor Leak Privilege Escalation
2024-02-05 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in Open Container Initiative runc [CVE-2024-21626]
2024-03-28 22:00:56
cve
cve
CVE-2024-21626
2024-01-31 22:15:53
amazon
amazon
Important: runc
2024-01-25 19:21:00
githubexploit
githubexploit
Exploit for CVE-2024-21626
2024-02-07 07:38:22
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
2024-02-01 12:53:18
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
2024-03-15 10:38:27
cbl_mariner
cbl_mariner
CVE-2024-21626 affecting package cri-tools for versions less than 1.28.0-5
2024-02-25 03:00:06
CVE-2024-21626 affecting package moby-engine for versions less than 25.0.3-1
2024-03-19 17:21:46
CVE-2024-21626 affecting package moby-runc for versions less than 1.1.9-4
2024-02-01 18:12:35
openvas
openvas
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1504)
2024-04-08 00:00:00
Fedora: Security Advisory for runc (FEDORA-2024-900dc7f6ff)
2024-02-06 00:00:00
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1212)
2024-03-12 00:00:00
redhat
redhat
(RHSA-2024:0752) Important: container-tools:rhel8 security update
2024-02-08 17:22:59
(RHSA-2024:1270) Important: docker security update
2024-03-12 11:54:37
(RHSA-2024:0764) Important: container-tools:rhel8 security update
2024-02-08 19:33:15
fedora
fedora
[SECURITY] Fedora 38 Update: runc-1.1.12-1.fc38
2024-02-11 05:39:52
[SECURITY] Fedora 39 Update: runc-1.1.12-1.fc39
2024-02-06 01:18:51
zdt
zdt
runc 1.1.11 File Descriptor Leak Privilege Escalation Exploit
2024-02-05 00:00:00
prion
prion
Design/Logic Flaw
2024-01-31 22:15:00
debiancve
debiancve
CVE-2024-21626
2024-01-31 22:15:53
almalinux
almalinux
Important: runc security update
2024-02-02 00:00:00
Important: container-tools:rhel8 security update
2024-02-08 00:00:00
Important: container-tools:4.0 security update
2024-02-08 00:00:00
ubuntu
ubuntu
runC vulnerability
2024-01-31 00:00:00
osv
osv
CVE-2024-21626
2024-01-31 22:15:53
Important: container-tools:rhel8 security update
2024-02-12 20:17:26
Talos Linux ships runc vulnerable to the escape to the host attack
2024-02-02 18:11:06
github
github
Talos Linux ships runc vulnerable to the escape to the host attack
2024-02-02 18:11:06
ubuntucve
ubuntucve
CVE-2024-21626
2024-01-31 00:00:00
metasploit
metasploit
runc (docker) File Descriptor Leak Privilege Escalation
2024-02-01 20:28:04
mscve
mscve
veracode
veracode
Sandbox Escape
2024-02-01 12:28:33
oraclelinux
oraclelinux
runc security update
2024-02-09 00:00:00
runc security update
2024-02-09 00:00:00
container-tools:ol8 security update
2024-02-14 00:00:00
rocky
rocky
container-tools:rhel8 security update
2024-02-12 20:17:26
debian
debian
[SECURITY] [DSA 5615-1] runc security update
2024-02-04 18:54:11
[SECURITY] [DLA 3735-1] runc security update
2024-02-19 02:28:00
cgr
cgr
CVE-2024-21626 vulnerabilities
2024-05-08 03:06:48
redhatcve
redhatcve
CVE-2024-21626
2024-01-31 21:41:31
alpinelinux
alpinelinux
CVE-2024-21626
2024-01-31 22:15:53
wolfi
wolfi
CVE-2024-21626 vulnerabilities
2024-05-07 21:06:45
attackerkb
attackerkb
CVE-2019-5736
2019-02-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2393
2024-04-11 07:16:35
thn
thn
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
2024-01-31 20:00:00
securelist
securelist
Exploits and vulnerabilities in Q1 2024
2024-05-07 10:00:39
avleonov
avleonov
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.051 Low
EPSS
Percentile
92.9%
Related for ELSA-2024-0670