2 matches found
RLSA-2026:19020 Moderate: crun security update
crun is a OCI runtime Security Fixes: crun: crun: Privilege escalation due to incorrect parsing of the --user option CVE-2026-30892 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...
CVE-2026-30892
CVE-2026-30892 (crun) : Affected are crun versions 1.19–1.26 where the --user option parsing misinterprets the value 1 as UID 0, GID 0, allowing a process to run with elevated privileges. The issue is fixed in crun 1.27. Impact is privilege escalation on local/host context; exploitation is local ...