runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
runc 1.1.5 is out and it fixes two more CVEs:
* CVE-2023-25809: is a vulnerability involving rootless containers where
(under specific configurations), the container would have write access to the /sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host were affected. This vulnerability was discovered by Akihiro Suda.
* CVE-2023-28642: is a variant of the same bug and was fixed by the same
patch. This variant of the above vulnerability was reported by Lei Wang.
Author: William Hubbs <firstname.lastname@example.org>
Date: Sun Apr 23 16:33:55 2023 -0500
app-containers/runc: add 1.1.5
Signed-off-by: William Hubbs <email@example.com>