RHEL 8 : container-tools:rhel8 (RHSA-2020:1650)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1650 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: volu...

Amazon Linux AMI : runc (ALAS-2020-1358)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a.1. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1358 advisory. runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to...

Medium: runc

Issue Overview: runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This...

RHEL 7 : OpenShift Container Platform 4.3.13 runc (RHSA-2020:1485)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1485 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: volum...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.3.13 runc security update

An update for runc is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation

A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this vulnerability is to data...

container-tools:ol8 security and bug fix update

buildah 1.11.6-6.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-6 - fix COPY command takes long time with buildah - Resolves: 1806119 1.11.6-5 - fix Podman support for FIPS Mode requires a bind mount inside the container - Resolves: 1804188 cockpit-podman 11-1 - Fix Alert...

SUSE SLES15 Security Update : runc (SUSE-SU-2020:0944-1)

This update for runc fixes the following issues : runc was updated to v1.0.0rc10 CVE-2019-19921: Fixed a mount race condition with shared mounts bsc1160452. Fixed an issue where podman run hangs when spawned by salt-minion process bsc1149954. Note that Tenable Network Security has extracted the...

Important: Red Hat Security Advisory: container-tools:1.0 security update

An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

SUSE-SU-2020:0944-1 Security update for runc

This update for runc fixes the following issues: runc was updated to v1.0.0rc10 - CVE-2019-19921: Fixed a mount race condition with shared mounts bsc1160452. - Fixed an issue where podman run hangs when spawned by salt-minion process bsc1149954...

Important: container-tools:1.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu CVE-2020-7039 For more details about the security issues, including the impact, a CVSS score,...

RLSA-2020:1360 Important: container-tools:1.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu CVE-2020-7039 For more details about the security issues, including the impact, a CVSS score,...

container-tools:1.0 security update

An update is available for fuse-overlayfs, oci-umount, runc, skopeo, oci-systemd-hook, containernetworking-plugins. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...

ALSA-2020:1379 Important: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 For more details about the security issues, including the impact, a CVSS score,...

RLSA-2020:1379 Important: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 For more details about the security issues, including the impact, a CVSS score,...

Important: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 For more details about the security issues, including the impact, a CVSS score,...

RHEL 8 : container-tools:rhel8 (RHSA-2020:1379)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1379 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: Slirp:...

runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

Moderate: Red Hat Security Advisory: docker security and bug fix update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Moderate: Red Hat Bug Fix Advisory: runc bug fix update

Updated runc package that fixes several bugs is now available for Red Hat Enterprise Linux 7 Extras. The runc tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Users of runc are advised to upgrade to this updated package, which fixes...