3 matches found
Advisory ROSA-SA-2026-3217
software: runc 1.3.4 OS: ROSA-CHROME unaffected versions = runc-1.3.4-1 affected versions runc-1.3.4-1 CVE-ID: CVE-2024-45310 BDU-ID: 2024-06891 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Runc isolated container tool is associated with a race condition that allows link tracking. Exploitation...
AZL-48525 CVE-2024-45310 affecting package cri-o 1.30.1-1
runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...
CVE-2019-19921
A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this vulnerability is to data...