SUSE CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

PT-2023-3586 · Runc +9 · Runc +9

Name of the Vulnerable Software and Affected Versions: runc versions prior to 1.1.5 Description: The issue is related to rootless runc making /sys/fs/cgroup writable under certain conditions, specifically when runc is executed inside the user namespace and the config.json does not specify the...