AZL-69826 CVE-2025-52881 affecting package runc for versions less than 1.3.3-1

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...

SUSE CVE-2025-52881

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts we have also verified thi...

GHSA-CGRX-MC8F-2PRM runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects

Impact This attack is primarily a more sophisticated version of CVE-2019-19921, which was a flaw which allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989559 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurre...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986909 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurre...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986310 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurre...

DEBIAN-CVE-2022-49288

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the...

UBUNTU-CVE-2022-49288

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the...

CVE-2022-49288 ALSA: pcm: Fix races among concurrent prealloc proc writes

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the...

kernel: ALSA: pcm: Fix races among concurrent prealloc proc writes

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the...

GSD-2022-1001632 ALSA: pcm: Fix races among concurrent prealloc proc writes

ALSA: pcm: Fix races among concurrent prealloc proc writes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.18 by commit...