Ubuntu Security Update USN-6088-1: runC vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,934
Reaction score
75
Credits
-1,257
It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. (CVE-2023-25809) It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. (CVE-2023-27561) It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux. (CVE-2023-28642)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-7851-2: runC regression
Replies
0
Views
233
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7851-1: runC vulnerabilities
Replies
0
Views
373
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8337-1: QtSvg vulnerabilities
Replies
0
Views
72
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8338-1: Apache HTTP Server vulnerabilities
Replies
0
Views
78
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8283-1: rsync vulnerabilities
Replies
0
Views
152
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 2,157 (members: 4, guests: 2,153)

Latest posts

Top