6 matches found
GO-2022-0835 Information Exposure in RunC in github.com/opencontainers/runc
Information Exposure in RunC in github.com/opencontainers/runc...
GO-2022-0396 Devices resource list treated as a blacklist by default in github.com/opencontainers/runc
Devices resource list treated as a blacklist by default in github.com/opencontainers/runc...
Symlink Bypass
github.com/opencontainers/runc is vulnerable to a symlink attack. The vulnerability exists because the proc and sysfs attributes do not properly check whether the destination is a symlink, which allows an attacker to bypass AppArmor or SELinux when /proc inside the container is symlinked...
GO-2021-0070 Privilege escalation in github.com/opencontainers/runc
GetExecUser in the github.com/opencontainers/runc/libcontainer/user package will improperly interpret numeric UIDs as usernames. If the method is used without verifying that usernames are formatted as expected, it may allow a user to gain unexpected privileges...
Information Disclosure
github.com/opencontainers/runc is vulnerable to information disclosure attacks. These attacks are possible because a runc exec command can be ptraced by the pid 1 of the container. This allows attackers to gain access to the file descriptors of new processes during initialization. It may...
Privilege Escalation
github.com/opencontainers/runc is vulnerable to privilege escalation attacks. These attacks are possible because github.com/opencontainers/runc treats a numeric UID as a potential username. This allows local users to gain privileges through a numeric username in the password file. This transitivel...