
2107 matches found

SUSE Linux
added 2025/05/21 11:12 a.m. | 3 views

Security update for runc

This update for runc fixes the following issues: Update to runc v1.2.6. Upstream changelog is available from . Update to runc v1.2.0rc3. Upstream changelog is available from . CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host bsc1230092 Patch Instruction...

CVSS 3.6 | AI score 7.3 | EPSS 0.0015
Exploits: 0 | References: 6

OSV
added 2025/05/21 11:11 a.m. | 0 views

SUSE-SU-2025:20353-1 Security update for runc

This update for runc fixes the following issues: Update to runc v1.2.6. Upstream changelog is available from . Update to runc v1.2.0rc3. Upstream changelog is available from . - CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host bsc1230092...

CVSS 3.6 | AI score 6.3 | EPSS 0.0015
Exploits: 0 | References: 4

Tenable Nessus
added 2025/05/14 12:0 a.m. | 7 views

Alibaba Cloud Linux 3 : 0015: runc (ALINUX3-SA-2024:0015)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0015 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-21626: A file descriptor leak issue was...

CVSS 8.6 | AI score 7.2 | EPSS 0.05076
Exploits: 18 | References: 2

OSV
added 2025/05/07 7:11 p.m. | 2 views

RLSA-2024:4246 Moderate: container-tools security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-24786 For mo...

CVSS 5.9 | AI score 7.2 | EPSS 0.00533
Exploits: 0 | References: 2

Rockylinux
added 2025/05/07 7:11 p.m. | 3 views

container-tools:4.0 security update

An update is available for module.python-podman, cockpit-podman, module.skopeo, module.oci-seccomp-bpf-hook, module.conmon, module.cockpit-podman, oci-seccomp-bpf-hook, slirp4netns, libslirp, python-podman, criu, conmon, module.slirp4netns, module.containers-common, containers-common,...

CVSS 8.6 | AI score 7 | EPSS 0.05076
Exploits: 18

IBM Security Bulletins
added 2025/05/03 5:54 a.m. | 41 views

Security Bulletin: Additional security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2025.

Summary In addition to vulnerabilities announced in Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF005 and 24.0.1-IF002, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation...

CVSS 8.7 | AI score 9 | EPSS 0.00899
Exploits: 0 | Affected Software: 2

Amazon
added 2025/04/29 12:0 a.m. | 2 views

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

CVSS 7.5 | AI score 6.8 | EPSS 0.00016
Exploits: 0

Tenable Nessus
added 2025/04/29 12:0 a.m. | 6 views

Amazon Linux 2 : runc (ALASECS-2025-058)

The version of runc installed on the remote host is prior to 1.1.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-058 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to...

CVSS 7.5 | AI score 7 | EPSS 0.00016
Exploits: 0 | References: 6

Tenable Nessus
added 2025/04/29 12:0 a.m. | 9 views

Amazon Linux 2 : runc (ALASDOCKER-2025-059)

The version of runc installed on the remote host is prior to 1.1.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-059 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to...

CVSS 7.5 | AI score 7 | EPSS 0.00016
Exploits: 0 | References: 6

Tenable Nessus
added 2025/04/29 12:0 a.m. | 7 views

Amazon Linux 2 : runc (ALASECS-2025-062)

The version of runc installed on the remote host is prior to 1.0.0-0.3.20210225.git12644e6. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-062 advisory. The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly...

CVSS 8.5 | AI score 7.5 | EPSS 0.01473
Exploits: 0 | References: 4

Amazon
added 2025/04/29 12:0 a.m. | 2 views

Important: runc

Issue Overview: Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. CVE-2022-1705 Uncontrolled...

CVSS 7.8 | AI score 7.4 | EPSS 0.00182
Exploits: 6

Tenable Nessus
added 2025/04/29 12:0 a.m. | 12 views

Amazon Linux 2 : runc (ALASECS-2025-057)

The version of runc installed on the remote host is prior to 1.1.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-057 advisory. Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allow...

CVSS 7.5 | AI score 7.4 | EPSS 0.00182
Exploits: 6 | References: 30

Amazon
added 2025/04/29 12:0 a.m. | 1 view

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

CVSS 7.5 | AI score 6.8 | EPSS 0.00016
Exploits: 0

Amazon
added 2025/04/29 12:0 a.m. | 2 views

Important: runc

Issue Overview: A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this...

CVSS 7 | AI score 6.7 | EPSS 0.00191
Exploits: 0

Amazon
added 2025/04/29 12:0 a.m. | 1 view

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

CVSS 7.5 | AI score 6.8 | EPSS 0.00016
Exploits: 0

Amazon
added 2025/04/29 12:0 a.m. | 2 views

Important: runc

Issue Overview: The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentialit...

CVSS 8.5 | AI score 6.9 | EPSS 0.01473
Exploits: 0

Tenable Nessus
added 2025/04/29 12:0 a.m. | 7 views

Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-056)

The version of runc installed on the remote host is prior to 1.1.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-056 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause...

CVSS 7.5 | AI score 7 | EPSS 0.00016
Exploits: 0 | References: 6

Tenable Nessus
added 2025/04/29 12:0 a.m. | 7 views

Amazon Linux 2 : runc (ALASECS-2025-064)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-064 advisory. A flaw was found in runc. An attacker who controls the container image for two containers that share a volume...

CVSS 7 | AI score 6.9 | EPSS 0.00191
Exploits: 0 | References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m. | 8 views

Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-055)

The version of runc installed on the remote host is prior to 1.1.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-055 advisory. Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go...

CVSS 7.8 | AI score 7.3 | EPSS 0.00182
Exploits: 6 | References: 32

OpenVAS
added 2025/04/28 12:0 a.m. | 12 views

SUSE: Security Advisory (SUSE-SU-2025:1374-1)

The remote host is missing an update for the...

CVSS 3.6 | AI score 6.7 | EPSS 0.0015
Exploits: 0 | References: 4