13 matches found
CVE-2023-54128
CVE-2023-54128 affects the Linux kernel and concerns a race condition in fs: drop peer group ids under namespace lock. The issue arises when cleaning up peer group ids in the failure path without holding the namespace lock, allowing another thread to concurrently change a mount from shared to non...
SUSE CVE-2025-64750
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
CVE-2025-64750
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
CVE-2025-64750
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
Use of Incorrectly-Resolved Name or Reference
Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in the handling of procfs file writes that leads to improper enforcement of the two --security options: --security=apparmor: and --security=selinux:. An attacker can bypass intended security...
CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
CVE-2025-64750
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
PT-2025-48736
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
runc 安全漏洞
runc is an Open Container Initiative open source CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc versions 1.2.7, 1.3.2, and 1.4.0-rc.2, which stems from an attacker's ability to misdirect a write...
CVE-2025-62596 youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects
Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path...
PT-2025-45167
Name of the Vulnerable Software and Affected Versions Youki versions 0.5.6 and below Description Youki, a container runtime written in Rust, has an issue with its apparmor handling. Insufficiently strict write-target validation, combined with path substitution during pathname resolution, can allo...
Security update for singularity (moderate)
openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2019:0095-1 Rating: moderate References: 1100333 1111411 Cross-References: CVE-2018-12021 CVE-2018-19295 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes two vulnerabilities...