rpm package
suse/runc&distro=SUSE Linux Enterprise Module for Containers 15 SP1
pkg:rpm/suse/runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19921 | — | < 1.0.0~rc10-1.9.1 | 1.0.0~rc10-1.9.1 | Feb 12, 2020 | runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul | ||
| CVE-2019-16884 | — | < 1.0.0~rc8-1.6.1 | 1.0.0~rc8-1.6.1 | Sep 25, 2019 | runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. |
- CVE-2019-19921Feb 12, 2020affected < 1.0.0~rc10-1.9.1fixed 1.0.0~rc10-1.9.1
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul
- CVE-2019-16884Sep 25, 2019affected < 1.0.0~rc8-1.6.1fixed 1.0.0~rc8-1.6.1
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.