Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container,...

Race Condition Enabling Link Following

Overview github.com/opencontainers/runc/libcontainer is a package for a modern container runtime. Affected versions of this package are vulnerable to Race Condition Enabling Link Following in the handling of procfs file writes. An attacker can cause arbitrary writes to sensitive files or trigger ...

Race Condition Enabling Link Following

Overview github.com/opencontainers/runc/libcontainer is a package for a modern container runtime. Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker...

EUVD-2022-1002

Malicious code in bioql PyPI...

EUVD-2025-7244

Malicious code in bioql PyPI...

SUSE CVE-2025-27612

libcontainer is a library for container control. Prior to libcontainer 0.5.3, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. The logic here adds the given capabilities to all capabilities of main container if prese...

CVE-2025-27612

A flaw was found in libcontainer. This vulnerability may allow elevation of capabilities via improper inheritance of capabilities in the tenant container when using the tenant builder. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the...

Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66

Impact In libcontainer, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. Code can be seen here . The logic here adds the given capabilities to all capabilities of main container if present in spec, otherwise simply s...

GHSA-5W4J-F78P-4WH9 Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66

Impact In libcontainer, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. Code can be seen here . The logic here adds the given capabilities to all capabilities of main container if present in spec, otherwise simply s...

CVE-2025-27612

libcontainer is a library for container control. Prior to libcontainer 0.5.3, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. The logic here adds the given capabilities to all capabilities of main container if prese...

CVE-2025-27612 Libcontainer is affected by capabilities elevation

libcontainer is a library for container control. Prior to libcontainer 0.5.3, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. The logic here adds the given capabilities to all capabilities of main container if prese...

CVE-2025-27612 Libcontainer is affected by capabilities elevation

libcontainer is a library for container control. Prior to libcontainer 0.5.3, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. The logic here adds the given capabilities to all capabilities of main container if prese...

CVE-2025-27612

CVE-2025-27612 is a youki/libcontainer issue where the tenant_builder incorrectly adds provided capabilities to the main container’s spec, potentially elevating capabilities in the tenant container. The vulnerability is in libcontainer prior to 0.5.3 and would affect users who directly use the te...

CVE-2025-27612 Libcontainer is affected by capabilities elevation

libcontainer is a library for container control. Prior to libcontainer 0.5.3, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. The logic here adds the given capabilities to all capabilities of main container if prese...

Security Bulletin: IBM DataStage on Cloud Pak for Data is vulnerable to a symlink vulnerability due to Libcontainer and Docker Engine (CVE-2015-3627)

Summary Libcontainer and Docker Engine are used by IBM DataStage on Cloud Pak for Data as part of the container environment. Vulnerability Details CVEID:CVE-2015-3627 DESCRIPTION: A symlink vulnerability in Libcontainer and Docker Engine regarding the file-descriptor being opened prior to...

GO-2022-0647 Arbitrary File Write in Libcontainer in github.com/docker/docker

Arbitrary File Write in Libcontainer in github.com/docker/docker...

GO-2022-0649 Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker

Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker...

Advisory ROSA-SA-2024-2393

Software: runc 1.0.0 OS: rosa-server79 packageevrstring: runc-1.0.0.0-70.rc10.res7 CVE-ID: CVE-2019-19921 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: runc has improper access control leading to elevated privileges associated with libcontainer/rootfslinux.go. To exploit this, an attacker must be able t...

Oracle Linux 8 : container-tools:ol8 (ELSA-2020-1650)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1650 advisory. - A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux...

Fedora 37 : golang-github-opencontainers-runc (2023-9edf2145fb)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9edf2145fb advisory. Add commit c0be1aa2d101dcd3074b5a0e486d58d3f9568d81 as a patch for github.com/containers/common ---- Security fix for CVE-2023-27561 Update to 1.1.8...