2112 matches found

RedHat Linux
added 2024/02/07 6:23 p.m., 1 view

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs O_CLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd(2), which means that the reference can be kept alive in the container by configuring the working...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 6

RedHat Linux
added 2024/02/07 6:2 p.m., 3 views

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs O_CLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd(2), which means that the reference can be kept alive in the container by configuring the working...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 6

RedHat Linux
added 2024/02/07 1:32 p.m., 1 view

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs O_CLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd(2), which means that the reference can be kept alive in the container by configuring the working...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 6

RedHat Linux
added 2024/02/07 1:32 p.m., 37 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 3

Tenable Nessus
added 2024/02/07 12:0 a.m., 50 views

RHEL 7 : runc (RHSA-2024:0717)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0717 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. Security Fixes: runc: file...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 5

Tenable Nessus
added 2024/02/07 12:0 a.m., 47 views

AlmaLinux 9 : runc (ALSA-2024:0670)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:0670 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descripto...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 2

Fedora
added 2024/02/06 1:18 a.m., 43 views

[SECURITY] Fedora 39 Update: runc-1.1.12-1.fc39

The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...

CVSS 8.6, AI score 8.9, EPSS 0.05076
Exploits: 18

OpenVAS
added 2024/02/06 12:0 a.m., 27 views

Fedora: Security Advisory (FEDORA-2024-900dc7f6ff)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.6, AI score 9.1, EPSS 0.05076
Exploits: 18, References: 4

Tenable Nessus
added 2024/02/06 12:0 a.m., 26 views

Fedora 39 : runc (2024-900dc7f6ff)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-900dc7f6ff advisory. security fix for CVE-2024-21626 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 2

Tenable Nessus
added 2024/02/06 12:0 a.m., 28 views

SUSE SLES12 Security Update : runc (SUSE-SU-2024:0328-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0328-1 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 4

Metasploit
added 2024/02/05 7:51 p.m., 630 views

runc (docker) File Descriptor Leak Privilege Escalation

All versions of runc use exploit/linux/local/runccwdprivesc msf exploitrunccwdprivesc show targets ...targets... msf exploitrunccwdprivesc set TARGET msf exploitrunccwdprivesc show options ...show and set options... msf exploitrunccwdprivesc exploit This module requires Metasploit:...

CVSS 8.6, AI score 7.5, EPSS 0.05076
Exploits: 18

GithubExploit
added 2024/02/05 5:47 p.m., 650 views

Exploit for File Descriptor Leak in Linuxfoundation Runc

Vulnerability Reproduction CVE-2024-21626: docker runc es...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18

Wiz blog
added 2024/02/05 5:28 p.m., 133 views

Leaky Vessels: runC and BuildKit container escape vulnerabilities - everything you need to know

Detect and mitigate “Leaky Vessels”, container escape vulnerabilities affecting runC and BuildKit. Learn how to prioritize patching and detect exploitation attempts in runtime...

AI score 7.3
Exploits: 0

OSV
added 2024/02/05 2:54 p.m., 5 views

SUSE-SU-2024:0328-1 Security update for runc

This update for runc fixes the following issues: - Update to runc v1.1.12 (bsc#1218894) The following CVE was already fixed with the previous release. - CVE-2024-21626: Fixed container breakout...

CVSS 8.6, AI score 8.8, EPSS 0.05076
Exploits: 18, References: 3

Hive Pro Threat Advisories
added 2024/02/05 7:3 a.m., 266 views

Leaky Vessels in Cloud Environments Shake Docker and Beyond

Summary: Four vulnerabilities, collectively termed Leaky Vessels, have been uncovered within container engine components, specifically affecting the runC command line tool. In the most severe instances, illicit entry into the underlying host operating system could result in the compromise of vita...

AI score 7.3
Exploits: 0

OpenVAS
added 2024/02/05 12:0 a.m., 21 views

Debian: Security Advisory (DSA-5615-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.6, AI score 8.8, EPSS 0.05076
Exploits: 18, References: 2

0day.today
added 2024/02/05 12:0 a.m., 604 views

runc 1.1.11 File Descriptor Leak Privilege Escalation Exploit

runc versions 1.1.11 and below, as used by containerization technologies such as Docker engine and Kubernetes, are vulnerable to an arbitrary file write vulnerability. Due to a file descriptor leak it is possible to mount the host file system with the permissions of runc (typically root)...

CVSS 8.6, AI score 7.4, EPSS 0.05076
Exploits: 18

Tenable Nessus
added 2024/02/05 12:0 a.m., 39 views

Oracle Linux 9 : runc (ELSA-2024-0670)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0670 advisory. - Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 2

Tenable Nessus
added 2024/02/05 12:0 a.m., 22 views

RHEL 9 : runc (RHSA-2024:0670)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0670 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. Security Fixes: runc: file...

CVSS 8.6, AI score 7, EPSS 0.05076
Exploits: 18, References: 5

Packet Storm
added 2024/02/05 12:0 a.m., 396 views

runc 1.1.11 File Descriptor Leak Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'runc docker File Descriptor Leak Privilege Escalation', 'Description' = %q All versions of runc MSFLICENSE, 'Author' = 'h00die', msf module 'Rory...

CVSS 8.6, AI score 7.4, EPSS 0.05076
Exploits: 18