csaf_redhat - rhsa-2023

rhsa-2023_6380

Vulnerability from csaf_redhat

Published

2023-11-07 08:47

Modified

2024-09-18 05:09

Summary

Red Hat Security Advisory: runc security update

Notes

Topic

An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. Security Fix(es): * golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724) * runc: Rootless runc makes `/sys/fs/cgroup` writable (CVE-2023-25809) * runc: volume mount race condition (regression of CVE-2019-19921) (CVE-2023-27561) * runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration (CVE-2023-28642) * runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration (CVE-2021-43784) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for runc is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.\n\nSecurity Fix(es):\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* runc: Rootless runc makes `/sys/fs/cgroup` writable (CVE-2023-25809)\n\n* runc: volume mount race condition (regression of CVE-2019-19921) (CVE-2023-27561)\n\n* runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration (CVE-2023-28642)\n\n* runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration (CVE-2021-43784)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:6380",
        "url": "https://access.redhat.com/errata/RHSA-2023:6380"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index"
      },
      {
        "category": "external",
        "summary": "2029439",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029439"
      },
      {
        "category": "external",
        "summary": "2175721",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175721"
      },
      {
        "category": "external",
        "summary": "2178492",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
      },
      {
        "category": "external",
        "summary": "2182883",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182883"
      },
      {
        "category": "external",
        "summary": "2182884",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182884"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6380.json"
      }
    ],
    "title": "Red Hat Security Advisory: runc security update",
    "tracking": {
      "current_release_date": "2024-09-18T05:09:10+00:00",
      "generator": {
        "date": "2024-09-18T05:09:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2023:6380",
      "initial_release_date": "2023-11-07T08:47:52+00:00",
      "revision_history": [
        {
          "date": "2023-11-07T08:47:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-11-07T08:47:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-18T05:09:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.3.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "runc-4:1.1.9-1.el9.src",
                "product": {
                  "name": "runc-4:1.1.9-1.el9.src",
                  "product_id": "runc-4:1.1.9-1.el9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.1.9-1.el9?arch=src\u0026epoch=4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "runc-4:1.1.9-1.el9.aarch64",
                "product": {
                  "name": "runc-4:1.1.9-1.el9.aarch64",
                  "product_id": "runc-4:1.1.9-1.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.1.9-1.el9?arch=aarch64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.1.9-1.el9.aarch64",
                "product": {
                  "name": "runc-debugsource-4:1.1.9-1.el9.aarch64",
                  "product_id": "runc-debugsource-4:1.1.9-1.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.1.9-1.el9?arch=aarch64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.1.9-1.el9.aarch64",
                "product": {
                  "name": "runc-debuginfo-4:1.1.9-1.el9.aarch64",
                  "product_id": "runc-debuginfo-4:1.1.9-1.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.1.9-1.el9?arch=aarch64\u0026epoch=4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "runc-4:1.1.9-1.el9.ppc64le",
                "product": {
                  "name": "runc-4:1.1.9-1.el9.ppc64le",
                  "product_id": "runc-4:1.1.9-1.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.1.9-1.el9?arch=ppc64le\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.1.9-1.el9.ppc64le",
                "product": {
                  "name": "runc-debugsource-4:1.1.9-1.el9.ppc64le",
                  "product_id": "runc-debugsource-4:1.1.9-1.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.1.9-1.el9?arch=ppc64le\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.1.9-1.el9.ppc64le",
                "product": {
                  "name": "runc-debuginfo-4:1.1.9-1.el9.ppc64le",
                  "product_id": "runc-debuginfo-4:1.1.9-1.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.1.9-1.el9?arch=ppc64le\u0026epoch=4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "runc-4:1.1.9-1.el9.x86_64",
                "product": {
                  "name": "runc-4:1.1.9-1.el9.x86_64",
                  "product_id": "runc-4:1.1.9-1.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.1.9-1.el9?arch=x86_64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.1.9-1.el9.x86_64",
                "product": {
                  "name": "runc-debugsource-4:1.1.9-1.el9.x86_64",
                  "product_id": "runc-debugsource-4:1.1.9-1.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.1.9-1.el9?arch=x86_64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.1.9-1.el9.x86_64",
                "product": {
                  "name": "runc-debuginfo-4:1.1.9-1.el9.x86_64",
                  "product_id": "runc-debuginfo-4:1.1.9-1.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.1.9-1.el9?arch=x86_64\u0026epoch=4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "runc-4:1.1.9-1.el9.s390x",
                "product": {
                  "name": "runc-4:1.1.9-1.el9.s390x",
                  "product_id": "runc-4:1.1.9-1.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.1.9-1.el9?arch=s390x\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.1.9-1.el9.s390x",
                "product": {
                  "name": "runc-debugsource-4:1.1.9-1.el9.s390x",
                  "product_id": "runc-debugsource-4:1.1.9-1.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.1.9-1.el9?arch=s390x\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.1.9-1.el9.s390x",
                "product": {
                  "name": "runc-debuginfo-4:1.1.9-1.el9.s390x",
                  "product_id": "runc-debuginfo-4:1.1.9-1.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.1.9-1.el9?arch=s390x\u0026epoch=4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.1.9-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64"
        },
        "product_reference": "runc-4:1.1.9-1.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.1.9-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le"
        },
        "product_reference": "runc-4:1.1.9-1.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.1.9-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x"
        },
        "product_reference": "runc-4:1.1.9-1.el9.s390x",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.1.9-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src"
        },
        "product_reference": "runc-4:1.1.9-1.el9.src",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.1.9-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64"
        },
        "product_reference": "runc-4:1.1.9-1.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.1.9-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64"
        },
        "product_reference": "runc-debuginfo-4:1.1.9-1.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.1.9-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le"
        },
        "product_reference": "runc-debuginfo-4:1.1.9-1.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.1.9-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x"
        },
        "product_reference": "runc-debuginfo-4:1.1.9-1.el9.s390x",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.1.9-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64"
        },
        "product_reference": "runc-debuginfo-4:1.1.9-1.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.1.9-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64"
        },
        "product_reference": "runc-debugsource-4:1.1.9-1.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.1.9-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le"
        },
        "product_reference": "runc-debugsource-4:1.1.9-1.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.1.9-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x"
        },
        "product_reference": "runc-debugsource-4:1.1.9-1.el9.s390x",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.1.9-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
        },
        "product_reference": "runc-debugsource-4:1.1.9-1.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-43784",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2021-12-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2029439"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow vulnerability was found in runC. This issue occurs due to an incorrect netlink encoder handling the possibility of an integer overflow in the 16-bit length field for the byte array attribute type. This flaw allows an attacker who can include a large enough malicious byte array attribute to bypass the namespace restrictions of the container by simply adding their netlink payload, which disables all namespaces.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Before runC 1.0.3, the only user-controlled byte array (used to exploit this vulnerability) was the namespace paths attributes, located in runC\u0027s config.json. Having raw access to that setting would allow the attacker to disable namespace protections entirely. This issue means that in practice, it was fairly difficult to specify an arbitrary-length netlink message with most container runtimes, resulting in the impact of this vulnerability being Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-43784"
        },
        {
          "category": "external",
          "summary": "RHBZ#2029439",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029439"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43784",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-43784"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43784"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f",
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f"
        }
      ],
      "release_date": "2021-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6380"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration"
    },
    {
      "cve": "CVE-2022-41724",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-03-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2178492"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: large handshake records may cause panics",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "RHBZ#2178492",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/468125",
          "url": "https://go.dev/cl/468125"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/58001",
          "url": "https://go.dev/issue/58001"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
          "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-1570",
          "url": "https://pkg.go.dev/vuln/GO-2023-1570"
        }
      ],
      "release_date": "2023-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6380"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: large handshake records may cause panics"
    },
    {
      "cve": "CVE-2023-25809",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "discovery_date": "2023-03-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2182884"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in runc, where it is vulnerable to a denial of service caused by improper access control in the /sys/fs/cgroup endpoint. This flaw allows a local authenticated attacker to cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: Rootless runc makes `/sys/fs/cgroup` writable",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-25809"
        },
        {
          "category": "external",
          "summary": "RHBZ#2182884",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182884"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25809",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-25809"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17",
          "url": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc",
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc"
        }
      ],
      "release_date": "2023-03-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6380"
        },
        {
          "category": "workaround",
          "details": "Condition 1: Unshare the cgroup namespace ((docker|podman|nerdctl) run --cgroupns=private). This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts.\nCondition 2 (very rare): add /sys/fs/cgroup to maskedPaths",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "runc: Rootless runc makes `/sys/fs/cgroup` writable"
    },
    {
      "cve": "CVE-2023-27561",
      "cwe": {
        "id": "CWE-41",
        "name": "Improper Resolution of Path Equivalence"
      },
      "discovery_date": "2023-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2175721"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization by adding a symlink to the rootfs that points to a directory on the volume.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: volume mount race condition (regression of CVE-2019-19921)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in runc, related to Incorrect Access Control in libcontainer/rootfs_linux.go, is classified as a moderate severity issue due to its prerequisites for exploitation and the level of access required by an attacker. To exploit this vulnerability, an attacker must have the capability to spawn two containers with custom volume-mount configurations and execute custom images within these containers. This restricts the attack vector to scenarios where an attacker already has a certain level of access to the container environment. Additionally, the vulnerability leads to an escalation of privileges, potentially allowing an attacker to gain elevated permissions on the host system. While the impact of privilege escalation is significant, the specific conditions required for successful exploitation mitigate the overall severity to moderate. \n\nThis CVE exists because of a CVE-2019-19921 regression.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-27561"
        },
        {
          "category": "external",
          "summary": "RHBZ#2175721",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175721"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-27561",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-27561"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9",
          "url": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334",
          "url": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/issues/3751",
          "url": "https://github.com/opencontainers/runc/issues/3751"
        }
      ],
      "release_date": "2023-02-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6380"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "runc: volume mount race condition (regression of CVE-2019-19921)"
    },
    {
      "cve": "CVE-2023-28642",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "discovery_date": "2023-03-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2182883"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in runc. This vulnerability could allow a remote attacker to bypass security restrictions and create a symbolic link inside a container to the /proc directory, bypassing AppArmor and SELinux protections.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The symlink vulnerability in runc allowing for the bypassing of AppArmor protections by manipulating the /proc symlink poses a moderate severity issue due to its potential impact on container isolation and security boundaries. While the exploitation requires specific mount configurations and access to the container\u0027s filesystem, it can lead to unauthorized access to host resources and potential privilege escalation within the containerized environment. This could enable attackers to compromise the integrity and confidentiality of other containers or the host system. Although the vulnerability does not allow direct remote code execution, its exploitation can result in significant security risks within containerized infrastructures, warranting a moderate severity rating.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
          "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
          "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-28642"
        },
        {
          "category": "external",
          "summary": "RHBZ#2182883",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182883"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28642",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-28642"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c",
          "url": "https://github.com/advisories/GHSA-g2j6-57v7-gm8c"
        }
      ],
      "release_date": "2023-03-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6380"
        },
        {
          "category": "workaround",
          "details": "Avoid using an untrusted container image.",
          "product_ids": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.src",
            "AppStream-9.3.0.GA:runc-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debuginfo-4:1.1.9-1.el9.x86_64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.aarch64",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.ppc64le",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.s390x",
            "AppStream-9.3.0.GA:runc-debugsource-4:1.1.9-1.el9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration"
    }
  ]
}

cve-2022-41724

Vulnerability from cvelistv5

Published

2023-02-28 17:19

Modified

2024-08-03 12:49

Severity

Summary

Panic on large handshake records in crypto/tls

References

URL	Tags
https://go.dev/issue/58001
https://go.dev/cl/468125
https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
https://pkg.go.dev/vuln/GO-2023-1570
https://security.gentoo.org/glsa/202311-09

Impacted products

Vendor	Product
Go standard library	crypto/tls

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:49:43.929Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/58001"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/468125"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2023-1570"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "crypto/tls",
          "product": "crypto/tls",
          "programRoutines": [
            {
              "name": "handshakeMessage.marshal"
            },
            {
              "name": "Conn.writeRecord"
            },
            {
              "name": "Conn.readHandshake"
            },
            {
              "name": "Conn.handleRenegotiation"
            },
            {
              "name": "Conn.handlePostHandshakeMessage"
            },
            {
              "name": "Conn.handleKeyUpdate"
            },
            {
              "name": "Conn.clientHandshake"
            },
            {
              "name": "Conn.loadSession"
            },
            {
              "name": "clientHandshakeState.handshake"
            },
            {
              "name": "clientHandshakeState.doFullHandshake"
            },
            {
              "name": "clientHandshakeState.readFinished"
            },
            {
              "name": "clientHandshakeState.readSessionTicket"
            },
            {
              "name": "clientHandshakeState.sendFinished"
            },
            {
              "name": "clientHandshakeStateTLS13.handshake"
            },
            {
              "name": "clientHandshakeStateTLS13.sendDummyChangeCipherSpec"
            },
            {
              "name": "clientHandshakeStateTLS13.processHelloRetryRequest"
            },
            {
              "name": "clientHandshakeStateTLS13.readServerParameters"
            },
            {
              "name": "clientHandshakeStateTLS13.readServerCertificate"
            },
            {
              "name": "clientHandshakeStateTLS13.readServerFinished"
            },
            {
              "name": "clientHandshakeStateTLS13.sendClientCertificate"
            },
            {
              "name": "clientHandshakeStateTLS13.sendClientFinished"
            },
            {
              "name": "clientHelloMsg.marshal"
            },
            {
              "name": "clientHelloMsg.marshalWithoutBinders"
            },
            {
              "name": "clientHelloMsg.updateBinders"
            },
            {
              "name": "serverHelloMsg.marshal"
            },
            {
              "name": "encryptedExtensionsMsg.marshal"
            },
            {
              "name": "endOfEarlyDataMsg.marshal"
            },
            {
              "name": "keyUpdateMsg.marshal"
            },
            {
              "name": "newSessionTicketMsgTLS13.marshal"
            },
            {
              "name": "certificateRequestMsgTLS13.marshal"
            },
            {
              "name": "certificateMsg.marshal"
            },
            {
              "name": "certificateMsgTLS13.marshal"
            },
            {
              "name": "serverKeyExchangeMsg.marshal"
            },
            {
              "name": "certificateStatusMsg.marshal"
            },
            {
              "name": "serverHelloDoneMsg.marshal"
            },
            {
              "name": "clientKeyExchangeMsg.marshal"
            },
            {
              "name": "finishedMsg.marshal"
            },
            {
              "name": "certificateRequestMsg.marshal"
            },
            {
              "name": "certificateVerifyMsg.marshal"
            },
            {
              "name": "newSessionTicketMsg.marshal"
            },
            {
              "name": "helloRequestMsg.marshal"
            },
            {
              "name": "Conn.readClientHello"
            },
            {
              "name": "serverHandshakeState.doResumeHandshake"
            },
            {
              "name": "serverHandshakeState.doFullHandshake"
            },
            {
              "name": "serverHandshakeState.readFinished"
            },
            {
              "name": "serverHandshakeState.sendSessionTicket"
            },
            {
              "name": "serverHandshakeState.sendFinished"
            },
            {
              "name": "serverHandshakeStateTLS13.checkForResumption"
            },
            {
              "name": "serverHandshakeStateTLS13.sendDummyChangeCipherSpec"
            },
            {
              "name": "serverHandshakeStateTLS13.doHelloRetryRequest"
            },
            {
              "name": "serverHandshakeStateTLS13.sendServerParameters"
            },
            {
              "name": "serverHandshakeStateTLS13.sendServerCertificate"
            },
            {
              "name": "serverHandshakeStateTLS13.sendServerFinished"
            },
            {
              "name": "serverHandshakeStateTLS13.sendSessionTickets"
            },
            {
              "name": "serverHandshakeStateTLS13.readClientCertificate"
            },
            {
              "name": "serverHandshakeStateTLS13.readClientFinished"
            },
            {
              "name": "cipherSuiteTLS13.expandLabel"
            },
            {
              "name": "sessionState.marshal"
            },
            {
              "name": "sessionStateTLS13.marshal"
            },
            {
              "name": "Conn.Handshake"
            },
            {
              "name": "Conn.HandshakeContext"
            },
            {
              "name": "Conn.Read"
            },
            {
              "name": "Conn.Write"
            },
            {
              "name": "ConnectionState.ExportKeyingMaterial"
            },
            {
              "name": "Dial"
            },
            {
              "name": "DialWithDialer"
            },
            {
              "name": "Dialer.Dial"
            },
            {
              "name": "Dialer.DialContext"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.19.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.20.1",
              "status": "affected",
              "version": "1.20.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Marten Seemann"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth \u003e= RequestClientCert)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-12T19:05:53.918Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/issue/58001"
        },
        {
          "url": "https://go.dev/cl/468125"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2023-1570"
        },
        {
          "url": "https://security.gentoo.org/glsa/202311-09"
        }
      ],
      "title": "Panic on large handshake records in crypto/tls"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2022-41724",
    "datePublished": "2023-02-28T17:19:44.420Z",
    "dateReserved": "2022-09-28T17:00:06.611Z",
    "dateUpdated": "2024-08-03T12:49:43.929Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-27561

Vulnerability from cvelistv5

Published

2023-03-03 00:00

Modified

2024-08-02 12:16

Severity

7.0 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

References

URL	Tags
https://github.com/opencontainers/runc/issues/3751
https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334
https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9
https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html	mailing-list
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/	vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/	vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/	vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/	vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/	vendor-advisory

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:linuxfoundation:runc:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "runc",
            "vendor": "linuxfoundation",
            "versions": [
              {
                "status": "affected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "openshift_container_platform",
            "vendor": "redhat",
            "versions": [
              {
                "status": "affected",
                "version": "4.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "enterprise_linux",
            "vendor": "redhat",
            "versions": [
              {
                "status": "affected",
                "version": "9.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-27561",
                "options": [
                  {
                    "Exploitation": "None"
                  },
                  {
                    "Automatable": "No"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-26T04:00:21.933074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-706",
                "description": "CWE-706 Use of Incorrectly-Resolved Name or Reference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:45.821Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:16:36.456Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/issues/3751"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9"
          },
          {
            "name": "[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
          },
          {
            "name": "FEDORA-2023-1bcbb1db39",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/"
          },
          {
            "name": "FEDORA-2023-3cccbc4c95",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/"
          },
          {
            "name": "FEDORA-2023-1ba499965f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/"
          },
          {
            "name": "FEDORA-2023-9edf2145fb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/"
          },
          {
            "name": "FEDORA-2023-6e6d9065e0",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-16T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/opencontainers/runc/issues/3751"
        },
        {
          "url": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334"
        },
        {
          "url": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9"
        },
        {
          "name": "[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
        },
        {
          "name": "FEDORA-2023-1bcbb1db39",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/"
        },
        {
          "name": "FEDORA-2023-3cccbc4c95",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/"
        },
        {
          "name": "FEDORA-2023-1ba499965f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/"
        },
        {
          "name": "FEDORA-2023-9edf2145fb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/"
        },
        {
          "name": "FEDORA-2023-6e6d9065e0",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-27561",
    "datePublished": "2023-03-03T00:00:00",
    "dateReserved": "2023-03-03T00:00:00",
    "dateUpdated": "2024-08-02T12:16:36.456Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-25809

Vulnerability from cvelistv5

Published

2023-03-29 18:22

Modified

2024-08-02 11:32

Severity

5.0 (Medium) - cvssV3_1 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

Summary

rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc

References

URL	Tags
https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc	x_refsource_CONFIRM
https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17	x_refsource_MISC

Impacted products

Vendor	Product
opencontainers	runc

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:32:12.344Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc"
          },
          {
            "name": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "runc",
          "vendor": "opencontainers",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.1.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons: 1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host . Other users\u0027s cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add `/sys/fs/cgroup` to `maskedPaths`.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-281",
              "description": "CWE-281: Improper Preservation of Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-29T18:22:56.875Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc"
        },
        {
          "name": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17"
        }
      ],
      "source": {
        "advisory": "GHSA-m8cg-xc2p-r3fc",
        "discovery": "UNKNOWN"
      },
      "title": "rootless: `/sys/fs/cgroup` is writable when cgroupns isn\u0027t unshared in runc"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-25809",
    "datePublished": "2023-03-29T18:22:56.875Z",
    "dateReserved": "2023-02-15T16:34:48.772Z",
    "dateUpdated": "2024-08-02T11:32:12.344Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-28642

Vulnerability from cvelistv5

Published

2023-03-29 18:15

Modified

2024-08-02 13:43

Severity

6.1 (Medium) - cvssV3_1 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Summary

AppArmor bypass with symlinked /proc in runc

References

URL	Tags
https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c	x_refsource_CONFIRM
https://github.com/opencontainers/runc/pull/3785	x_refsource_MISC

Impacted products

Vendor	Product
opencontainers	runc

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:23.241Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c"
          },
          {
            "name": "https://github.com/opencontainers/runc/pull/3785",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/pull/3785"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "runc",
          "vendor": "opencontainers",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.1.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-281",
              "description": "CWE-281: Improper Preservation of Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-29T18:15:48.957Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c"
        },
        {
          "name": "https://github.com/opencontainers/runc/pull/3785",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/opencontainers/runc/pull/3785"
        }
      ],
      "source": {
        "advisory": "GHSA-g2j6-57v7-gm8c",
        "discovery": "UNKNOWN"
      },
      "title": "AppArmor bypass with symlinked /proc in runc"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-28642",
    "datePublished": "2023-03-29T18:15:48.957Z",
    "dateReserved": "2023-03-20T12:19:47.209Z",
    "dateUpdated": "2024-08-02T13:43:23.241Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-43784

Vulnerability from cvelistv5

Published

2021-12-06 00:00

Modified

2024-08-04 04:03

Severity

6.0 (Medium) - cvssV3_1 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

Summary

Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration

References

URL	Tags
https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html	mailing-list
https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html	mailing-list

Impacted products

Vendor	Product
opencontainers	runc

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:03:08.907Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241"
          },
          {
            "name": "[debian-lts-announce] 20211206 [SECURITY] [DLA 2841-1] runc security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html"
          },
          {
            "name": "[debian-lts-announce] 20240219 [SECURITY] [DLA 3735-1] runc security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "runc",
          "vendor": "opencontainers",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.0.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the `C` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-19T03:06:18.060889",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f"
        },
        {
          "url": "https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554"
        },
        {
          "url": "https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae"
        },
        {
          "url": "https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed"
        },
        {
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2241"
        },
        {
          "name": "[debian-lts-announce] 20211206 [SECURITY] [DLA 2841-1] runc security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html"
        },
        {
          "name": "[debian-lts-announce] 20240219 [SECURITY] [DLA 3735-1] runc security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"
        }
      ],
      "source": {
        "advisory": "GHSA-v95c-p5hm-xq8f",
        "discovery": "UNKNOWN"
      },
      "title": "Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-43784",
    "datePublished": "2021-12-06T00:00:00",
    "dateReserved": "2021-11-16T00:00:00",
    "dateUpdated": "2024-08-04T04:03:08.907Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2023_6380

Vulnerability from csaf_redhat

cve-2022-41724

Vulnerability from cvelistv5

cve-2023-27561

Vulnerability from cvelistv5

cve-2023-25809

Vulnerability from cvelistv5

cve-2023-28642

Vulnerability from cvelistv5

cve-2021-43784

Vulnerability from cvelistv5

Tags