200 matches found
SUSE-SU-2025:20279-1 Security update for podman
This update for podman fixes the following issues: - CVE-2023-45288: Fixed closing connection when receiving too many headers bsc1236507. - CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile bsc1236270. - CVE-2025-22869: Fixed...
RHEL 9 : gvisor-tap-vsock (RHSA-2025:3833)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3833 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...
RHSA-2025:3833 Red Hat Security Advisory: gvisor-tap-vsock security update
Bulletin has no description...
Important: Red Hat Security Advisory: gvisor-tap-vsock security update
An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
gvisor-tap-vsock security update
6:0.8.5-1 - Fix CVE-2025-22869 by updating to 0.8.5 - Resolves: RHEL-81312...
ALSA-2025:3833 Important: gvisor-tap-vsock security update
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...
Important: gvisor-tap-vsock security update
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...
Oracle Linux 9 : gvisor-tap-vsock (ELSA-2025-3833)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-3833 advisory. - Fix CVE-2025-22869 by updating to 0.8.5 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...
Google gVisor elevation of privilege vulnerability (CNVD-2025-07534)
Google gVisor is a container sandboxing technology developed by Google to provide greater isolation and security for containers. An elevation of privilege vulnerability exists in Google gVisor, which can be exploited by an attacker to access restricted files...
CVE-2025-2713
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
RHEL 9 : gvisor-tap-vsock (RHSA-2025:3185)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3185 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...
CVE-2025-2713
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
DEBIAN-CVE-2025-2713
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
UBUNTU-CVE-2025-2713
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...
CVE-2025-2713 Improper File Permission Handling in Google gVisor runsc
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
CVE-2025-2713
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...