6 matches found
CLSA-2025-1764692266 buildah: Fix of 4 CVEs
Update buildah to 1.39.6 - CVE-2025-52881: fix runc vulnerability by updating to runc v1.2.8 - Update golang dependency to 1.22.9.tuxcare.els1 - Remove patches for fixes included in upstream CVE-2024-9341, CVE-2024-9407, CVE-2025-27144...
CLSA-2025-1763648873 runc: Fix of 6 CVEs
upgrade to runc 1.2.8 to fix multiple critical security vulnerabilities: - CVE-2024-21626: fix file descriptor leak vulnerability allowing container escape - CVE-2025-52565: fix container escape with malicious config due to /dev/console mount races - CVE-2025-31133: fix container escape and...
SUSE SLES12 Security Update : runc (SUSE-SU-2025:4077-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4077-1 advisory. Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2...
Race Condition Enabling Link Following
Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...
OESA-2023-1383 runc security update
runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a...
UBUNTU-CVE-2023-28642
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...