11 matches found
USN-4867-1 runc vulnerabilities
It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. CVE-2019-16884 Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious...
USN-4867-1: runC vulnerabilities
It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. CVE-2019-16884 Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious...
USN-4960-1 runc vulnerability
Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges...
Ubuntu: Security Advisory (USN-4297-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated opencontainers-runc packages fix security vulnerability
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory CVE-2019-16884...
CVE-2019-16884
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...
Arbitrary File Read
github.com/opencontainers/runc is vulnerable to arbitrary file read. The vulnerability exists as the AppAmor restrictions can be bypassed due to incorrect mount targets check, allowing a malicious Docker image to be mounted over a /proc directory...
CVE-2019-16884
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...
CVE-2019-16884
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...
Design/Logic Flaw
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...
CVE-2019-16884
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...