runC vulnerability

2021-05-1900:00:00

ubuntu.com

8.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

58.3%

JSON

Releases

Ubuntu 21.04
Ubuntu 20.10
Ubuntu 20.04 LTS
Ubuntu 18.04 ESM

Packages

runc - Open Container Project

Details

Etienne Champetier discovered that runC incorrectly checked mount targets.
An attacker with a malicious container image could possibly mount the host
filesystem into the container and escalate privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu21.04noarchrunc< 1.0.0~rc93-0ubuntu1.1UNKNOWN
Ubuntu21.04noarchgolang-github-opencontainers-runc-dev< 1.0.0~rc93-0ubuntu1.1UNKNOWN
Ubuntu21.04noarchrunc-dbgsym< 1.0.0~rc93-0ubuntu1.1UNKNOWN
Ubuntu20.10noarchrunc< 1.0.0~rc93-0ubuntu1~20.10.2UNKNOWN
Ubuntu20.10noarchgolang-github-opencontainers-runc-dev< 1.0.0~rc93-0ubuntu1~20.10.2UNKNOWN
Ubuntu20.10noarchrunc-dbgsym< 1.0.0~rc93-0ubuntu1~20.10.2UNKNOWN
Ubuntu20.04noarchrunc< 1.0.0~rc93-0ubuntu1~20.04.2UNKNOWN
Ubuntu20.04noarchgolang-github-opencontainers-runc-dev< 1.0.0~rc93-0ubuntu1~20.04.2UNKNOWN
Ubuntu20.04noarchrunc-dbgsym< 1.0.0~rc93-0ubuntu1~20.04.2UNKNOWN
Ubuntu18.04noarchrunc< 1.0.0~rc93-0ubuntu1~18.04.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	21.04	noarch	runc	< 1.0.0~rc93-0ubuntu1.1	UNKNOWN
Ubuntu	21.04	noarch	golang-github-opencontainers-runc-dev	< 1.0.0~rc93-0ubuntu1.1	UNKNOWN
Ubuntu	21.04	noarch	runc-dbgsym	< 1.0.0~rc93-0ubuntu1.1	UNKNOWN
Ubuntu	20.10	noarch	runc	< 1.0.0~rc93-0ubuntu1~20.10.2	UNKNOWN
Ubuntu	20.10	noarch	golang-github-opencontainers-runc-dev	< 1.0.0~rc93-0ubuntu1~20.10.2	UNKNOWN
Ubuntu	20.10	noarch	runc-dbgsym	< 1.0.0~rc93-0ubuntu1~20.10.2	UNKNOWN
Ubuntu	20.04	noarch	runc	< 1.0.0~rc93-0ubuntu1~20.04.2	UNKNOWN
Ubuntu	20.04	noarch	golang-github-opencontainers-runc-dev	< 1.0.0~rc93-0ubuntu1~20.04.2	UNKNOWN
Ubuntu	20.04	noarch	runc-dbgsym	< 1.0.0~rc93-0ubuntu1~20.04.2	UNKNOWN
Ubuntu	18.04	noarch	runc	< 1.0.0~rc93-0ubuntu1~18.04.2	UNKNOWN