269 matches found
Amazon Linux AMI : runc (ALAS-2024-1911)
The version of runc installed on the remote host is prior to 1.1.11-1.1. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1911 advisory. AWS is aware of CVE-2024-21626, an issue affecting the runc component of several open source container management systems. Under...
Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2024-036)
The version of runc installed on the remote host is prior to 1.1.11-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2024-036 advisory. AWS is aware of CVE-2024-21626, an issue affecting the runc component of several open source container management system...
AZL-34075 CVE-2024-21626 affecting package kubevirt for versions less than 0.59.0-14
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
AZL-43789 CVE-2024-21626 affecting package buildah 1.18.0-29
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
AZL-34896 CVE-2024-21626 affecting package kubernetes for versions less than 1.30.1-1
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
AZL-35006 CVE-2024-21626 affecting package moby-engine for versions less than 25.0.3-1
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
DEBIAN-CVE-2024-21626
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
CVE-2024-21626
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
USN-6619-1 runc vulnerability
Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions...
Important: runc
Issue Overview: AWS is aware of CVE-2024-21626, an issue affecting the runc component of several open source container management systems. Under certain conditions, an actor could leverage a specially crafted container or container configuration to access files or directories outside the...
Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : runC vulnerability (USN-6619-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6619-1 advisory. Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could...
runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration
A flaw was found in runc. This vulnerability could allow a remote attacker to bypass security restrictions and create a symbolic link inside a container to the /proc directory, bypassing AppArmor and SELinux protections...
runc: Rootless runc makes `/sys/fs/cgroup` writable
A flaw was found in runc, where it is vulnerable to a denial of service caused by improper access control in the /sys/fs/cgroup endpoint. This flaw allows a local authenticated attacker to cause a denial of service...
PT-2024-1467
Name of the Vulnerable Software and Affected Versions runc versions 1.1.11 and earlier Description The issue is related to an internal file descriptor leak in runc, which allows an attacker to cause a newly-spawned container process to have a working directory in the host filesystem namespace. Th...
Important: runc
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
The vulnerability of the Runc command-line tool for running isolated containers, related to improper storage of permissions, allows a malicious actor to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Runc container launch tool is related to improper storage of permissions. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...
The vulnerability in the `libcontainer/rootfs_linux.go` component of the Runc tool for running isolated containers allows a attacker to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the libcontainer/rootfslinux.go component, a tool for running isolated containers in Runc, is related to the use of a name with an incorrect reference. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service...
The vulnerability of the Runc command-line tool for running isolated containers, related to integer overflows, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Runc container launch tool is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker operating remotely to access confidential data, compromise its integrity, and cause service failures...
MGASA-2023-0125 Updated opencontainers-runc packages fix security vulnerability
/sys/fs/cgroup is writable when cgroupns isn't unshared CVE-2023-25809 Regression that reintroduced CVE-2019-19921 - Incorrect Access Control leading to Escalation of Privileges CVE-2023-27561 AppArmor/SELinux bypass with symlinked /proc CVE-2023-28642...
runc 后置链接漏洞
runc is a CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc versions prior to 1.1.5, which stems from the fact that AppArmor can be bypassed when /proc within a container is symlinked with a specific...