
37 matches found

NVD
added 2025/11/06 7:15 p.m., 5 views

CVE-2025-31133

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...

CVSS 7.8, EPSS 0.00673
Exploits 2, References 5

Debian CVE
added 2025/11/06 6:47 p.m., 3 views

CVE-2025-31133

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...

CVSS 7.8, AI score 8, EPSS 0.00673
Exploits 2

AlpineLinux
added 2025/11/06 6:47 p.m., 2 views

CVE-2025-31133

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount i.e., the container's /dev/null was...

CVSS 7.8, AI score 6.5, EPSS 0.00673
Exploits 2

RedhatCVE
added 2025/11/06 6:23 a.m., 4 views

CVE-2025-31133

A flaw was found in runc. This flaw exploits an issue with how masked paths are implemented in runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

CVSS 8.2, AI score 6.4, EPSS 0.00673
Exploits 3, References 3

NVD
added 2025/11/06 12:15 a.m., 4 views

CVE-2025-62161

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7...

CVSS 10, EPSS 0.00216
Exploits 0, References 2

Cvelist
added 2025/11/05 11:09 p.m., 16 views

CVE-2025-62161 youki container escape via "masked path" abuse due to mount race conditions

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7...

CVSS 7.3, EPSS 0.00216
Exploits 0, References 2

Vulnrichment
added 2025/11/05 11:09 p.m., 2 views

CVE-2025-62161 youki container escape via "masked path" abuse due to mount race conditions

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7...

CVSS 7.3, AI score 6.4, EPSS 0.00216
Exploits 0, References 2

EUVD
added 2025/11/05 11:09 p.m., 3 views

EUVD-2025-37939

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7...

CVSS 7.3, AI score 6.3, EPSS 0.00216
Exploits 0, References 4

OSV
added 2025/11/05 11:09 p.m., 4 views

CVE-2025-62161 youki container escape via "masked path" abuse due to mount race conditions

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7...

CVSS 7.3, AI score 6.8, EPSS 0.00216
Exploits 0, References 4

OSV
added 2025/11/05 6:44 p.m., 3 views

GHSA-4G74-7CFF-XCV8 youki container escape via "masked path" abuse due to mount race conditions

Impact youki utilizes bind mounting the container's /dev/null as a file mask. When performing this operation, the initial validation of the source /dev/null was insufficient. Specifically, we initially failed to verify whether /dev/null was genuinely present. However, we did perform validation to...

CVSS 10, AI score 6.9, EPSS 0.00216
Exploits 0, References 5

OSV
added 2025/11/05 4:37 p.m., 3 views

GHSA-9493-H29P-RFM2 runc container escape via "masked path" abuse due to mount race conditions

Impact The OCI runtime specification has a maskedPaths feature that allows for files or directories to be "masked" by placing a mount on top of them to conceal their contents. This is primarily intended to protect against privileged users in non-user-namespaced from being able to write to files o...

CVSS 7.3, AI score 6.9, EPSS 0.00673
Exploits 3, References 7

Snyk
added 2025/11/05 4:37 p.m., 1 view

Race Condition Enabling Link Following

Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following via a race condition in the maskedPaths feature. An attacker can gain unauthorized access to host files, execute arbitrary code with elevated privileges, or cause a denial of service by manipulatin...

CVSS 8.2, AI score 7.6, EPSS 0.00673
Exploits 2, References 3

Positive Technologies
added 2025/11/05 12:00 a.m., 4 views

PT-2025-45166

Name of the Vulnerable Software and Affected Versions Youki versions 0.5.6 and below Description Youki is a container runtime written in Rust. Insufficient initial validation of the /dev/null source allows for container escape when bind mounting the container's /dev/null as a file mask. This occu...

CVSS 10, AI score 6.6, EPSS 0.00216
Exploits 0, References 11

Ubuntu
added 2025/11/04 3:36 p.m., 8 views

USN-7851-1: runC vulnerabilities

Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possibly replace a container's /dev/null with a symlink to some other procfs file and possibly escape a container. CVE-2025-31133 Lei Wang and Li Fubang discovered that runC incorrectly handled the...

CVSS 8.4, AI score 7.3, EPSS 0.00673
Exploits 4

Positive Technologies
added 2025/11/04 12:00 a.m., 4 views

PT-2025-45350

Name of the Vulnerable Software and Affected Versions runc versions 1.2.0 through 1.2.7 runc versions 1.3.0-rc.1 through 1.3.1 runc versions 1.4.0-rc.1 through 1.4.0-rc.2 Description runc is a CLI tool for spawning and running containers according to the OCI specification. A race condition in the...

CVSS 8.4, AI score 6.8, EPSS 0.00673
Exploits 3, References 161

Tenable Nessus
added 2012/08/01 12:00 a.m., 31 views

Scientific Linux Security Update : ecryptfs-utils on SL5.x i386/x86_64

These updated ecryptfs-utils packages have been upgraded to upstream version 75, which provides a number of bug fixes and enhancements over the previous version. In addition, these packages provide a graphical program to help configure and use eCryptfs. To start this program, run the command :...

CVSS 7.2, AI score 5.6, EPSS 0.00386
Exploits 0, References 9

CVE
added 2002/08/02 4:00 a.m., 48 views

CVE-2002-0820

CVE-2002-0820: FreeBSD kernels 4.6 and earlier close fds 0, 1, and 2 after they are assigned to /dev/null when the descriptors reference procfs/linprocfs. This could allow a local attacker to reuse those file descriptors in a setuid/setgid program to modify critical data and gain privileges. The ...

CVSS 7.2, AI score 6.4, EPSS 0.00408
Exploits 0, References 4, Affected Software 1