VYPR

rpm package

suse/runc&distro=SUSE Linux Enterprise Module for Containers 15 SP1

pkg:rpm/suse/runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1

Vulnerabilities (2)

  • CVE-2019-19921Feb 12, 2020
    affected < 1.0.0~rc10-1.9.1fixed 1.0.0~rc10-1.9.1

    runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul

  • CVE-2019-16884Sep 25, 2019
    affected < 1.0.0~rc8-1.6.1fixed 1.0.0~rc8-1.6.1

    runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.