what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2019-19921

Status Candidate

Overview

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)

Related Files

Red Hat Security Advisory 2020-1650-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1650-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921, CVE-2020-1702, CVE-2020-1726
SHA-256 | 00bcc2279b20fb0563db4c21585bf23a93232564ef41551f41d18b9a4341fe3f
Red Hat Security Advisory 2020-1485-01
Posted Apr 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1485-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. A race condition has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921
SHA-256 | 9f5506eff26e64be425ef07842f106ef66d572420f7dec59990b97953c6afa53
Red Hat Security Advisory 2020-0942-01
Posted Mar 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0942-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. A race condition has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921
SHA-256 | a546335cdeeceb6b8804dfd0cbd426affeca451688b0f8359da23b54f2d297f1
Gentoo Linux Security Advisory 202003-21
Posted Mar 15, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-21 - Multiple vulnerabilities have been discovered in runC, the worst of which may lead to privilege escalation. Versions less than 1.0.0_rc10 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2019-16884, CVE-2019-19921, CVE-2019-5736
SHA-256 | b654f470c0bc3ea5e9d17a7e1065315ea14d4f317417da2d5c835cd169d7bb2b
Red Hat Security Advisory 2020-0695-01
Posted Mar 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0695-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A race condition was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921
SHA-256 | 31b7c27fa07d375cf33d93f0066d17ec36f07c785fd4920ad8e8a9b8e5e9f5fb
Red Hat Security Advisory 2020-0688-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0688-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A race condition has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19921
SHA-256 | b6a978e16a30622f1ef08edd0d08057edbcb265b8178ca621f34da209a122b86
Ubuntu Security Notice USN-4297-1
Posted Mar 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4297-1 - It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. It was discovered that runC incorrectly performed access control. An attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-16884, CVE-2019-19921
SHA-256 | 4c43616d9540099069bfffeca945a4397bc0aedf5dea591e4a09aacf95b0ff9b
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close