Lucene search
K

7 matches found

OSV
OSV
added 2026/06/26 6:31 p.m.4 views

GHSA-2Q3F-Q5PQ-G8WV Incus has an arbitrary file read+write on host via rootfs/ symlink in malicious image

Summary A specially crafted image can be used to read or create/write arbitrary files on the host; possibly leading to arbitrary command execution. Details Incus validates an image as soon as it sees a normal metadata.yaml and a rootfs/ entry, but full extraction can later process a duplicate...

9.9CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-53010

Name of the Vulnerable Software and Affected Versions Incus affected versions not specified Description An issue exists where a specially crafted image can be used to read or create and write arbitrary files on the host, potentially leading to arbitrary command execution. The problem occurs becau...

9.9CVSS6.1AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/16 4:11 p.m.9 views

CVE-2025-54867

Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...

7CVSS7.4AI score0.0016EPSS
Exploits0References1
Amazon
Amazon
added 2025/04/29 12:0 a.m.4 views

Important: runc

Issue Overview: A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this...

7CVSS6.7AI score0.00457EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/14 4:3 p.m.5 views

runc: volume mount race condition (regression of CVE-2019-19921)

A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization by adding a symlink to the rootfs that points to a directory on the volume...

7CVSS6.9AI score0.00457EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2020/04/20 7:51 p.m.4 views

runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation

A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this vulnerability is to data...

7CVSS7.1AI score0.00457EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/10 12:22 p.m.4 views

runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation

A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this vulnerability is to data...

7CVSS7.1AI score0.00457EPSS
Exploits0References4
Rows per page
Query Builder