Red Hat Security Advisory 2023-6380-01 - An update for runc is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and integer overflow vulnerabilities.
6de809a3fcb74f723693c5179a071791ee3e52a7bb7e1ddfc0481b4316accbd7
Ubuntu Security Notice 6088-2 - USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. Felix Wilhelm discovered that runC incorrectly handled netlink messages. An attacker could possibly use this issue to escalate privileges.
228e4e8430141c4a888658c04e39158326161025cc9773182744d3522bc81a9d
The recent commit #9c4440 introduces two vulnerabilities to libcontainer that can be exploited by an attacker with partial control over the bind mount sources of a new container.
ed408918fa162c1e37fcd4ed27b9ab361935aa46728e7fcbca4f23d94f8f25d3