5 matches found
MiracleLinux 9 : runc-1.1.12-3.el9_4 (AXSA:2024-8613:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8613:04 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description block directly...
Race Condition Enabling Link Following
Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following in the handling of procfs file writes. An attacker can cause arbitrary writes to sensitive files or trigger a denial of service by redirecting write operations through race conditions and...
Race Condition Enabling Link Following
Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following in the handling of procfs file writes. An attacker can cause arbitrary writes to sensitive files or trigger a denial of service by redirecting write operations through race conditions and...
Race Condition Enabling Link Following
Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...
OESA-2023-1218 runc security update
runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a...