CVE-2025-57802

Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version 1.0.0, an attacker with access to the affected container can create symbolic links inside the mounted directory /app/data. Because the container bind-mounts an...

runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration

A flaw was found in runc. This vulnerability could allow a remote attacker to bypass security restrictions and create a symbolic link inside a container to the /proc directory, bypassing AppArmor and SELinux protections...

PT-2023-3594 · Apparmor +10 · Apparmor +10

Name of the Vulnerable Software and Affected Versions: runc versions prior to 1.1.5 Description: The issue is related to the incorrect handling of symbolic links before accessing a file, which allows an attacker to access confidential data, compromise its integrity, and cause a denial of service...

UBUNTU-CVE-2013-6456

The LXC driver lxc/lxcdriver.c in libvirt 1.0.1 through 1.2.1 allows local users to 1 delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; 2 create arbitrary nodes mknod via the virDomainDeviceAttach API and a symlink attack on /dev in th...