103 matches found
Astra Linux - vulnerability in containerd
Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was discovered in Moby Docker Engine prior to version 20.10.14, where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux...
MiracleLinux 8 : container-tools:3.0 (AXSA:2022-3168:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3168:01 advisory. podman: Default inheritable capabilities for linux container should be empty (CVE-2022-27649); buildah: Default inheritable capabilities for linux...
MiracleLinux 8 : container-tools:4.0 (AXSA:2022-4429:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4429:01 advisory. cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708); golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191); runc...
MiracleLinux 9 : runc-1.1.4-1.el9 (AXSA:2023-4702:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4702:01 advisory. runc: incorrect handling of inheritable capabilities (CVE-2022-29162). Tenable has extracted the preceding description block directly from the MiracleLinux...
Linux Distros Unpatched Vulnerability : CVE-2022-29162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc ex...
Linux Distros Unpatched Vulnerability : CVE-2022-27650
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where...
Astra Linux - vulnerability in runc
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling...
GO-2022-0416 Podman's default inheritable capabilities for linux container not empty in github.com/containers/podman
Podman's default inheritable capabilities for linux container not empty in github.com/containers/podman...
GO-2022-0452 Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc
Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc...
RHEL 8 : runc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based containe...
containerd started with non-empty inheritable Linux process capabilities
Impact: A bug was found in containerd where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2)...
RHEL 7 : runc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
Impact: A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during...
Low: runc
Issue Overview: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment...
CVE-2022-3466
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10....
Low: runc
Issue Overview: No CVE associated with this advisory. Affected Packages: runc. Issue Correction: Run dnf update runc --releasever 2023.1.20230628 or dnf update --advisory ALAS2023-2023-231 --releasever 2023.1.20230628 to update your system. More information on how to update your system can be found...
SUSE CVE-2022-24769
Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux...
SUSE CVE-2022-27650
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby Docker Engine where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...
SUSE CVE-2022-27651
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby Docker Engine where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with...
SUSE CVE-2022-27649
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...