runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

CVE-1999-0724

Buffer overflow in OpenBSD procfs and fdescfs file systems via uiooffset in the readdir function...

CVE-2025-52881

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

EUVD-2003-0927

Malware in sbrugna...

Ubuntu 18.04 LTS : Linux kernel regression (USN-3871-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3871-2 advisory. USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and...

Ubuntu 18.04 LTS : Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities (USN-3871-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-3 advisory. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3880-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3880-1 advisory. It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3821-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3821-1 advisory. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An...

PT-2003-1958 · Sco · Open Unix +1

Name of the Vulnerable Software and Affected Versions: SCO UnixWare versions 7.1.1, 7.1.3 Open UNIX version 8.0.0 Description: The issue allows local users to bypass protections for the address space file for a process ID by obtaining a procfs file descriptor for the file and calling execve on a...

CVE-2001-0061

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's...

CVE-1999-0724

Buffer overflow in OpenBSD procfs and fdescfs file systems via uiooffset in the readdir function...