795 matches found
Important: Red Hat Security Advisory: podman security update
An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
SUSE-SU-2025:4080-1 Security update for podman
This update for podman fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 - CVE-2025-52881: Fixed...
Security update for podman
This update for podman fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 CVE-2025-52881: Fixed...
CVE-2025-11207
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-12429
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
CVE-2025-12428
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities
The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
Important: Red Hat Security Advisory: runc security update
An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2025-11207
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
EUVD-2025-37940
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...
Security update for runc
This update for runc fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. CVE-2025-52881: Fixed...
SUSE-SU-2025:3951-1 Security update for runc
This update for runc fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. - CVE-2025-52881: Fixed...
CVE-2025-54327
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...
CVE-2025-54327
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...
CVE-2025-54327
CVE-2025-54327 concerns the VTS driver in Samsung’s Exynos-based mobile/wearable processors (Exynos 1280, 2200, 1380, W920, W930, W1000). The initial and connected sources consistently state that improper input validation in the VTS driver allows an arbitrary write. The details describe the affec...
CVE-2025-54327
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...
PT-2025-45039
🚨 CVE-2025-54327 An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write. 🎖@cveNotify...
CVE-2025-54327
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write...