Lucene search
K

491 matches found

OSV
OSV
added 2025/12/30 12:15 p.m.5 views

CVE-2023-54267 powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppacasharedproc to avoid DEBUGPREEMPT lppacasharedproc takes a pointer to the lppaca which is typically accessed through getlppaca. With DEBUGPREEMPT enabled, this leads to checking if preemption is...

6.5AI score0.00181EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/30 12:15 p.m.23 views

CVE-2023-54267 powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppacasharedproc to avoid DEBUGPREEMPT lppacasharedproc takes a pointer to the lppaca which is typically accessed through getlppaca. With DEBUGPREEMPT enabled, this leads to checking if preemption is...

0.00181EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/12/18 10:9 a.m.10 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/12/18 4:34 a.m.6 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.8 views

RHEL 8 : container-tools:rhel8 (RHSA-2025:23543)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23543 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container...

7.5CVSS7.1AI score0.00523EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.4 views

Oracle Linux 10 : podman (ELSA-2025-21220)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21220 advisory. - fixes 'Minor Incident CVE-2025-52881 podman: container escape and denial of service due to arbitrary write gadgets and procfs write redirects rhel-10.1.z'...

7.5CVSS6.8AI score0.00523EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.16 views

Oracle Linux 10 : buildah (ELSA-2025-22012)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22012 advisory. - fixes 'Minor Incident CVE-2025-52881 buildah: container escape and denial of service due to arbitrary write gadgets and procfs write redirects...

7.5CVSS7.2AI score0.00523EPSS
Exploits1References3
Snyk
Snyk
added 2025/12/02 9:10 p.m.3 views

Use of Incorrectly-Resolved Name or Reference

Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in the handling of procfs file writes that leads to improper enforcement of the two --security options: --security=apparmor: and --security=selinux:. An attacker can bypass intended security...

5.3CVSS6.7AI score0.00198EPSS
Exploits0References3
OSV
OSV
added 2025/11/28 9:4 a.m.6 views

RLSA-2025:21232 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mount and...

8.2CVSS6.3AI score0.0067EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2025/11/25 8:2 a.m.9 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.1AI score0.00523EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/11/25 5:23 a.m.6 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
OSV
OSV
added 2025/11/21 6:19 p.m.5 views

RLSA-2025:21220 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

8.2CVSS6.9AI score0.00523EPSS
Exploits1References2
OSV
OSV
added 2025/11/21 6:13 p.m.8 views

RLSA-2025:21702 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

8.2CVSS6.4AI score0.00523EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/11/21 6:13 p.m.5 views

runc security update

An update is available for runc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The runC tool is a lightweight, portable implementation of the Open Container...

8.4CVSS6.9AI score0.0067EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2025/11/20 7:57 a.m.4 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/20 7:57 a.m.8 views

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

7.8CVSS5.8AI score0.0067EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.5 views

AlmaLinux 9 : runc (ALSA-2025:20957)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:20957 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/conso...

8.4CVSS7AI score0.0067EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.3 views

AlmaLinux 9 : podman (ALSA-2025:21702)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21702 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

7.5CVSS7.1AI score0.00523EPSS
Exploits1References3
OSV
OSV
added 2025/11/18 3:44 p.m.6 views

GO-2025-4098 Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc

Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc...

7.5CVSS7AI score0.00523EPSS
Exploits1References28
RedHat Linux
RedHat Linux
added 2025/11/18 12:31 a.m.4 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
Rows per page
Query Builder