10 matches found
GHSA-FQW6-GF59-QR4W containerd user ID handling bypass allows runAsNonRoot evasion
Impact: A bug was found in containerd where containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an /etc/passwd file mapping this large numeric string to root, the container ultimately runs as...
EUVD-2020-0650
Malware in sbrugna...
EUVD-2022-0806
Malicious code in bioql PyPI...
Medium: docker
Issue Overview: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container...
CBL Mariner 2.0 Security Update: containerd / containerd2 / moby-containerd / moby-containerd-cc (CVE-2024-40635)
The version of containerd / containerd2 / moby-containerd / moby-containerd-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40635 advisory. - containerd is an open-source container runtime. A b...
Debian dla-4153 : containerd - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4153 advisory. Debian LTS Advisory DLA-4153-1 https://www.debian.org/lts/security/...
CVE-2024-40635
containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...
PT-2024-12258 · Nvidia · Nvidia Bluefield 2 +1
Name of the Vulnerable Software and Affected Versions: NVIDIA Bluefield 2 and Bluefield 3 DPU BMC (affected versions not specified). Description: The issue is related to a code injection vulnerability in ipmitool, where a root user may cause code injection by a network call, potentially leading to...
BRU 17.0 - XBRU Insecure Temporary File
Source: https://www.securityfocus.com/bid/5708/info. BRU is a backup and restore utility distributed by The Tolis Group. This problem affects the utility on the Linux platform. xbru does not properly check for the existence of temporary files prior to...
linuxconf.txt
Date: Sat, 22 Aug 1998 20:35:42 -0500 From: Alex Mottram Subject: Security concerns in linuxconf shipped w/RedHat 5.1 There exists a security / DOS problem with linuxconf-1.11.r11-rh3/i386 as upgraded from RedHat's FTP site. No other versions have been tested by me. Both the maintainer of linuxco...