Lucene search
K

2142 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

RHCOS 4 : OpenShift Container Platform 4.2.22 runc (RHSA-2020:0688)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0688 advisory. - runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2019-19921 Note that Nessus has n...

7CVSS5.8AI score0.00457EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.5.40 (RHSA-2021:2057)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2057 advisory. - runc: vulnerable to symlink exchange attack CVE-2021-30465 Note that Nessus has not tested for this issue but has instead relied only on th...

8.5CVSS5.8AI score0.06604EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.6.30 (RHSA-2021:1566)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1566 advisory. - runc: vulnerable to symlink exchange attack CVE-2021-30465 Note that Nessus has not tested for this issue but has instead relied only on th...

8.5CVSS7.3AI score0.06604EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.5 views

RHCOS 4 : Red Hat build of MicroShift 4.14.42 (RHSA-2024:10525)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10525 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...

8.6CVSS7AI score0.18087EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.11 views

RHCOS 4 : OpenShift Container Platform 4.15.41 (RHSA-2024:10841)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10841 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...

8.6CVSS6.4AI score0.18087EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.6 views

RHCOS 4 : OpenShift Container Platform 4.17.7 (RHSA-2024:10520)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10520 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...

8.6CVSS7AI score0.18087EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.9 views

RHCOS 4 : Red Hat build of MicroShift 4.16.24 (RHSA-2024:10149)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10149 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...

8.6CVSS7AI score0.18087EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.22 views

RHCOS 4 : OpenShift Container Platform 4.14.61 (RHSA-2026:0995)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0995 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

8.4CVSS7.1AI score0.0067EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.12.84 (RHSA-2026:0315)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0315 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

8.4CVSS6AI score0.0067EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.19.25 (RHSA-2026:3391)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3391 advisory. - runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects...

7.5CVSS7.5AI score0.01945EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.13 views

RHCOS 4 : OpenShift Container Platform 4.18.31 (RHSA-2026:0331)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0331 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

8.4CVSS6.2AI score0.0067EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.3 views

RHCOS 4 : OpenShift Container Platform 4.15.61 (RHSA-2026:1540)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1540 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

8.4CVSS6AI score0.0067EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.4 views

RHCOS 4 : OpenShift Container Platform 4.16.55 (RHSA-2026:0418)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0418 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

8.4CVSS6.2AI score0.0067EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.7 views

RHCOS 4 : OpenShift Container Platform 4.17.50 (RHSA-2026:3416)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3416 advisory. - runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects...

7.5CVSS7.3AI score0.01945EPSS
Exploits1References6
OSV
OSV
added 2026/04/30 10:10 a.m.11 views

RHSA-2026:12031 Red Hat Security Advisory: runc security update

Bulletin has no description...

7.5CVSS6.7AI score0.01945EPSS
Exploits3References35
OSV
OSV
added 2026/04/27 4:21 p.m.21 views

CLSA-2026-1777306907 runc: Fix of CVE-2026-25679

Rebuild with Go 1.25.8 to fix Go standard library CVE - CVE-2026-25679: reject invalid IPv6 host literals in net/url.Parse to prevent URL validation bypass...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/27 2:17 a.m.8 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

8.4CVSS6.4AI score0.00523EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/27 2:17 a.m.10 views

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

7.8CVSS7.7AI score0.0067EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/04/27 2:17 a.m.8 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS7.6AI score0.00523EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/27 2:17 a.m.16 views

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security h...

8.4CVSS7.4AI score0.0067EPSS
Exploits6References7
Rows per page
Query Builder