2 matches found
UBUNTU-CVE-2022-49329
In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...