3 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...
AZL-34905 CVE-2024-21626 affecting package kubevirt for versions less than 1.2.0-1
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
SUSE-SU-2021:2274-1 Security update for kubevirt
This update for kubevirt fixes the following issues: General: - Updated kubevirt to version 0.40.0 - Fixed an issue when calling virsh-domcapabilities - Fixed the the wrong registry path for containers. Security fixes: - CVE-2021-20286: A flaw was found in libnbd 1.7.3. An assertion failure in...