EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2022-1926)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container...

Arbitrary File Override in Docker Engine

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

GHSA-V4H8-794J-G8MM Arbitrary File Override in Docker Engine

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

Amazon Linux AMI : containerd (ALAS-2021-1523)

The version of containerd installed on the remote host is prior to 1.4.6-2.7. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1523 advisory. A bug was discovered in containerd where pulling and extracting a specially-crafted container image can result in Unix file...

SUSE SLES12 Security Update : containerd (SUSE-SU-2021:2413-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:2413-1 advisory. - containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted...

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

DEBIAN-CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

PT-2021-3856 · Unknown +6 · Kubernetes Containerd +5

Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.4.8 and 1.5.4 Description: The issue is related to a bug in containerd that allows pulling and extracting a specially-crafted container image to result in Unix file permission changes for existing files in the...

KubeArmor - Container-aware Runtime Security Enforcement System

Introduction to KubeArmor KubeArmor is a container-aware runtime security enforcement system that restricts the behavior such as process execution, file access, networking operation, and resource utilization of containers at the system level. KubeArmor operates with Linux security modules LSMs,...

File Override

github.com/docker/docker is vulnerable to file override attacks. It allows local users to set Linux Security Modules LSM and dockert policies. It can be triggered through images that allow volumes to override files in /proc...

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

Design/Logic Flaw

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

CVE-2015-3631

Docker Engine prior to 1.6.1 is affected by a local-privilege-escalation vulnerability where a container image can cause volumes to override files under /proc, allowing an attacker to set arbitrary Linux Security Modules (LSM) and docker_t policies. The issue arises when /proc files can be overri...

Amazon Linux AMI : docker (ALAS-2015-522)

The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627 Libcontainer versi...

docker: multiple issues

CVE-2015-3627 privilege escalation The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege...

PT-2015-6251 · Docker +2 · Docker Engine +3

Name of the Vulnerable Software and Affected Versions: Docker Engine versions prior to 1.6.1 Description: The issue allows local users to set arbitrary Linux Security Modules LSM and docker t policies via an image that allows volumes to override files in /proc. This can be achieved by exploiting...

Design/Logic Flaw

The imalsmruleinit function in security/integrity/ima/imapolicy.c in the Linux kernel before 2.6.37, when the Linux Security Modules LSM framework is disabled, allows local users to bypass Integrity Measurement Architecture IMA rules in opportunistic circumstances by leveraging an administrator's...

[USN-1364-1] Linux kernel (OMAP4) vulnerabilities

========================================================================== Ubuntu Security Notice USN-1364-1 February 13, 2012 linux-ti-omap4 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...