Summary: | <app-containers/runc-1.1.5: Privilege escalation bug | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | gyakovlev, williamh |
Priority: | Normal | Keywords: | PATCH |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/opencontainers/runc/releases/tag/v1.1.5 | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=709456 https://github.com/opencontainers/runc/pull/3785 |
||
Whiteboard: | B2 [glsa?] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2023-03-26 01:19:16 UTC
runc 1.1.5 is out and it fixes two more CVEs: * CVE-2023-25809: is a vulnerability involving rootless containers where (under specific configurations), the container would have write access to the /sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host were affected. This vulnerability was discovered by Akihiro Suda. * CVE-2023-28642: is a variant of the same bug and was fixed by the same patch. This variant of the above vulnerability was reported by Lei Wang. https://github.com/opencontainers/runc/releases/tag/v1.1.5 commit 082f7b1e24a65be9c7b8d09cab220a68a3aca164 Author: William Hubbs <williamh@gentoo.org> Date: Sun Apr 23 16:33:55 2023 -0500 app-containers/runc: add 1.1.5 Signed-off-by: William Hubbs <williamh@gentoo.org> commit c5bf2a0bfa317aea69e2536b61e17e963257a8e9 Author: William Hubbs <williamh@gentoo.org> Date: Tue Jul 25 10:18:58 2023 -0500 app-containers/runc: drop 1.1.4 |