2142 matches found
RHCOS 4 : OpenShift Container Platform 4.2.22 runc (RHSA-2020:0688)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0688 advisory. - runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2019-19921 Note that Nessus has n...
RHCOS 4 : OpenShift Container Platform 4.5.40 (RHSA-2021:2057)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2057 advisory. - runc: vulnerable to symlink exchange attack CVE-2021-30465 Note that Nessus has not tested for this issue but has instead relied only on th...
RHCOS 4 : OpenShift Container Platform 4.6.30 (RHSA-2021:1566)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1566 advisory. - runc: vulnerable to symlink exchange attack CVE-2021-30465 Note that Nessus has not tested for this issue but has instead relied only on th...
RHCOS 4 : Red Hat build of MicroShift 4.14.42 (RHSA-2024:10525)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10525 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHCOS 4 : OpenShift Container Platform 4.15.41 (RHSA-2024:10841)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10841 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHCOS 4 : OpenShift Container Platform 4.17.7 (RHSA-2024:10520)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10520 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHCOS 4 : Red Hat build of MicroShift 4.16.24 (RHSA-2024:10149)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10149 advisory. - runc: file descriptor leak CVE-2024-21626 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHCOS 4 : OpenShift Container Platform 4.14.61 (RHSA-2026:0995)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0995 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...
RHCOS 4 : OpenShift Container Platform 4.12.84 (RHSA-2026:0315)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0315 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...
RHCOS 4 : OpenShift Container Platform 4.19.25 (RHSA-2026:3391)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3391 advisory. - runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects...
RHCOS 4 : OpenShift Container Platform 4.18.31 (RHSA-2026:0331)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0331 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...
RHCOS 4 : OpenShift Container Platform 4.15.61 (RHSA-2026:1540)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1540 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...
RHCOS 4 : OpenShift Container Platform 4.16.55 (RHSA-2026:0418)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0418 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...
RHCOS 4 : OpenShift Container Platform 4.17.50 (RHSA-2026:3416)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3416 advisory. - runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects...
RHSA-2026:12031 Red Hat Security Advisory: runc security update
Bulletin has no description...
CLSA-2026-1777306907 runc: Fix of CVE-2026-25679
Rebuild with Go 1.25.8 to fix Go standard library CVE - CVE-2026-25679: reject invalid IPv6 host literals in net/url.Parse to prevent URL validation bypass...
runc: container escape with malicious config due to /dev/console mount and related races
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...
runc: container escape via 'masked path' abuse due to mount race conditions
A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
Important: Red Hat Security Advisory: container-tools:rhel8 security update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security h...