VYPR
High severityNVD Advisory· Published Sep 25, 2019· Updated Aug 5, 2024

CVE-2019-16884

CVE-2019-16884

Description

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/opencontainers/runcGo
< 1.0.0-rc8.0.20190930145003-cad42f6e09321.0.0-rc8.0.20190930145003-cad42f6e0932
github.com/opencontainers/selinuxGo
< 1.3.1-0.20190929122143-5215b1806f521.3.1-0.20190929122143-5215b1806f52

Affected products

41

Patches

Vulnerability mechanics

References

28

News mentions

0

No linked articles in our index yet.