Ubuntu Security Notice 6088-2 - USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. Felix Wilhelm discovered that runC incorrecly handled netlink messages. An attacker could possibly use this issue to escalate privileges.
228e4e8430141c4a888658c04e39158326161025cc9773182744d3522bc81a9dRed Hat Security Advisory 2020-1650-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include an information leakage vulnerability.
00bcc2279b20fb0563db4c21585bf23a93232564ef41551f41d18b9a4341fe3fRed Hat Security Advisory 2020-1485-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. A race condition has been addressed.
9f5506eff26e64be425ef07842f106ef66d572420f7dec59990b97953c6afa53Red Hat Security Advisory 2020-0942-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. A race condition has been addressed.
a546335cdeeceb6b8804dfd0cbd426affeca451688b0f8359da23b54f2d297f1Gentoo Linux Security Advisory 202003-21 - Multiple vulnerabilities have been discovered in runC, the worst of which may lead to privilege escalation. Versions less than 1.0.0_rc10 are affected.
b654f470c0bc3ea5e9d17a7e1065315ea14d4f317417da2d5c835cd169d7bb2bRed Hat Security Advisory 2020-0695-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A race condition was addressed.
31b7c27fa07d375cf33d93f0066d17ec36f07c785fd4920ad8e8a9b8e5e9f5fbRed Hat Security Advisory 2020-0688-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A race condition has been addressed.
b6a978e16a30622f1ef08edd0d08057edbcb265b8178ca621f34da209a122b86Ubuntu Security Notice 4297-1 - It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. It was discovered that runC incorrectly performed access control. An attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
4c43616d9540099069bfffeca945a4397bc0aedf5dea591e4a09aacf95b0ff9b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed