Summary: | <app-containers/runc-1.0.2-r1: Access restriction bypass (CVE-2021-43784) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | gyakovlev, williamh |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa?] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2021-12-06 19:23:35 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=49df66c342189a9408855b6ab29403b459ebb39d commit 49df66c342189a9408855b6ab29403b459ebb39d Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-12-14 08:39:33 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-12-14 08:41:10 +0000 app-emulation/runc: revbump for CVE-2021-43784 since we pin dep of runc to exact version in stack, adding 1.0.3 will require revbumping the rest. So let's just revbump stable ebuild with a patch from upstream release branch. Bug: https://bugs.gentoo.org/828471 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/runc/files/CVE-2021-43784.patch | 86 ++++++++++++++++++++++ .../{runc-1.0.2.ebuild => runc-1.0.2-r1.ebuild} | 2 + 2 files changed, 88 insertions(+) |