Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 6:12 p.m.19 views

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges User ID 0 and Group ID 0 instead of the intended User ID 1 and Group ID ...

7.8CVSS5.7AI score0.00159EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/05/19 1:25 p.m.9 views

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges User ID 0 and Group ID 0 instead of the intended User ID 1 and Group ID ...

7.8CVSS5.7AI score0.00159EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/04/06 3:41 a.m.6 views

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges User ID 0 and Group ID 0 instead of the intended User ID 1 and Group ID ...

7.8CVSS5.8AI score0.00159EPSS
Exploits1References7
AlpineLinux
AlpineLinux
added 2026/03/25 11:57 p.m.3 views

CVE-2026-30892

crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...

7.8CVSS5.8AI score0.00159EPSS
Exploits1
Rows per page
Query Builder