{"url":"http://public2.vulnerablecode.io/api/packages/1052231?format=json","purl":"pkg:deb/debian/runc@0.1.1%2Bdfsg1-2%2Bdeb9u1","type":"deb","namespace":"debian","name":"runc","version":"0.1.1+dfsg1-2+deb9u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.0.3+ds1-1","latest_non_vulnerable_version":"1.3.3+ds1-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37329?format=json","vulnerability_id":"VCID-3m4n-58pj-mkeb","summary":"Multiple vulnerabilities have been discovered in runc, the worst of which could lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29162.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29162.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29162","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31636","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31763","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32114","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32074","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31931","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31957","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31945","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31979","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32018","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32015","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31986","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31935","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31401","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31554","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5"},{"reference_url":"https://github.com/opencontainers/runc/releases/tag/v1.1.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://github.com/opencontainers/runc/releases/tag/v1.1.2"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29162","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29162"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2086398","reference_id":"2086398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2086398"},{"reference_url":"https://security.archlinux.org/AVG-2707","reference_id":"AVG-2707","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2707"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/","reference_id":"AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/","reference_id":"D77CKD3AXPMU4PMQIQI5Q74SI4JATNND","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/","reference_id":"GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5068","reference_id":"RHSA-2022:5068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7457","reference_id":"RHSA-2022:7457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7469","reference_id":"RHSA-2022:7469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8090","reference_id":"RHSA-2022:8090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8090"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052236?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u2"}],"aliases":["CVE-2022-29162","GHSA-f3fp-gc8g-vw66"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m4n-58pj-mkeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37083?format=json","vulnerability_id":"VCID-3yvf-q4uj-dbdh","summary":"Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration in RunC\n### Impact\n\nIn runc, [netlink](https://www.man7.org/linux/man-pages/man7/netlink.7.html) is used internally as a serialization system for specifying the relevant container configuration to the C portion of our code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration.\n\nThis vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces.\n\nPrior to 9c444070ec7bb83995dbc0185da68284da71c554, in practice it was fairly difficult to specify an arbitrary-length netlink message with most container runtimes. The only user-controlled byte array was the namespace paths attributes which can be specified in runc's `config.json`, but as far as we can tell no container runtime gives raw access to that configuration setting -- and having raw access to that setting **would allow the attacker to disable namespace protections entirely anyway** (setting them to `/proc/1/ns/...` for instance). In addition, each namespace path is limited to 4096 bytes (with only 7 namespaces supported by runc at the moment) meaning that even with custom namespace paths it appears an attacker still cannot shove enough bytes into the netlink bytemsg in order to overflow the uint16 counter.\n\nHowever, out of an abundance of caution (given how old this bug is) we decided to treat it as a potentially exploitable vulnerability with a low severity. After 9c444070ec7bb83995dbc0185da68284da71c554 (which was not present in any release of runc prior to the discovery of this bug), all mount paths are included as a giant netlink message which means that this bug becomes significantly more exploitable in more reasonable threat scenarios.\n\nThe main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure), though as mentioned above it appears this bug was not practically exploitable on any released version of runc to date.\n\n### Patches\nThe patch for this is d72d057ba794164c3cce9451a00b72a78b25e1ae and runc 1.0.3 was released with this bug fixed.\n\n### Workarounds\nTo the extent this is exploitable, disallowing untrusted namespace paths in container configuration should eliminate all practical ways of exploiting this bug. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.\n\n### References\n* commit d72d057ba794 (\"runc init: avoid netlink message length overflows\")\n* https://bugs.chromium.org/p/project-zero/issues/detail?id=2241\n\n### Credits\nThanks to Felix Wilhelm from Google Project Zero for discovering and reporting this vulnerability. In particular, the fact they found this vulnerability so quickly, before we made a 1.1 release of runc (which would've been vulnerable) was quite impressive.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [our repo](https://github.com/opencontainers/runc)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43784.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43784","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29632","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29775","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29842","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29958","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30206","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30078","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30171","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30168","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30132","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30255","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30175","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30027","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30072","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30093","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43784"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=2241","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=2241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43784"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554"},{"reference_url":"https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae"},{"reference_url":"https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77"},{"reference_url":"https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43784","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43784"},{"reference_url":"https://pkg.go.dev/vuln/GO-2022-0274","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/vuln/GO-2022-0274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2029439","reference_id":"2029439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2029439"},{"reference_url":"https://security.archlinux.org/AVG-2599","reference_id":"AVG-2599","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2599"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"}],"aliases":["CVE-2021-43784","GHSA-v95c-p5hm-xq8f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3yvf-q4uj-dbdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10297?format=json","vulnerability_id":"VCID-7juj-78y7-g7b6","summary":"Containment Errors (Container Errors)\nrunc allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to `/proc/self/exe`.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00029.html"},{"reference_url":"http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html"},{"reference_url":"http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5736.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5736.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2019-5736","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/cve-2019-5736"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/runcescape","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/runcescape"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5736","reference_id":"","reference_type":"","scores":[{"value":"0.55296","scoring_system":"epss","scoring_elements":"0.98049","published_at":"2026-04-01T12:55:00Z"},{"value":"0.55296","scoring_system":"epss","scoring_elements":"0.98055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.55296","scoring_system":"epss","scoring_elements":"0.98057","published_at":"2026-04-04T12:55:00Z"},{"value":"0.55296","scoring_system":"epss","scoring_elements":"0.98076","published_at":"2026-04-18T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98241","published_at":"2026-04-24T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98243","published_at":"2026-04-29T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98226","published_at":"2026-04-07T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98231","published_at":"2026-04-09T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98234","published_at":"2026-04-13T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98239","published_at":"2026-04-21T12:55:00Z"},{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98249","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5736"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2019-002/","reference_id":"","reference_type":"","scores":[],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2019-002/"},{"reference_url":"https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/","reference_id":"","reference_type":"","scores":[],"url":"https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/"},{"reference_url":"https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/","reference_id":"","reference_type":"","scores":[],"url":"https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/"},{"reference_url":"https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html","reference_id":"","reference_type":"","scores":[],"url":"https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html"},{"reference_url":"https://brauner.github.io/2019/02/12/privileged-containers.html","reference_id":"","reference_type":"","scores":[],"url":"https://brauner.github.io/2019/02/12/privileged-containers.html"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1121967","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1121967"},{"reference_url":"https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc","reference_id":"","reference_type":"","scores":[],"url":"https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/docker/docker-ce/releases/tag/v18.09.2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/docker/docker-ce/releases/tag/v18.09.2"},{"reference_url":"https://github.com/Frichetten/CVE-2019-5736-PoC","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Frichetten/CVE-2019-5736-PoC"},{"reference_url":"https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b"},{"reference_url":"https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d"},{"reference_url":"https://github.com/q3k/cve-2019-5736-poc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/q3k/cve-2019-5736-poc"},{"reference_url":"https://github.com/rancher/runc-cve","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rancher/runc-cve"},{"reference_url":"https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/","reference_id":"","reference_type":"","scores":[],"url":"https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/"},{"reference_url":"https://lists.apache.org/thread.html/24e54e3c6b2259e3903b6b8fe26896ac649c481ea99c5739468c92a3%40%3Cdev.dlab.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/24e54e3c6b2259e3903b6b8fe26896ac649c481ea99c5739468c92a3%40%3Cdev.dlab.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/a258757af84c5074dc7bf932622020fd4f60cef65a84290380386706%40%3Cuser.mesos.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/a258757af84c5074dc7bf932622020fd4f60cef65a84290380386706%40%3Cuser.mesos.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/a585f64d14c31ab393b90c5f17e41d9765a1a17eec63856ce750af46%40%3Cdev.dlab.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/a585f64d14c31ab393b90c5f17e41d9765a1a17eec63856ce750af46%40%3Cdev.dlab.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/acacf018c12636e41667e94ac0a1e9244e887eef2debdd474640aa6e%40%3Cdev.dlab.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/acacf018c12636e41667e94ac0a1e9244e887eef2debdd474640aa6e%40%3Cdev.dlab.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc494623986d76593873ce5a40dd69cb3629400d10750d5d7e96b8587%40%3Cdev.dlab.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc494623986d76593873ce5a40dd69cb3629400d10750d5d7e96b8587%40%3Cdev.dlab.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLC52IOJN6IQJWJ6CUI6AIUP6GVVG2QP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLC52IOJN6IQJWJ6CUI6AIUP6GVVG2QP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGZKRCKI3Y7FMADO2MENMT4TU24QGHFR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGZKRCKI3Y7FMADO2MENMT4TU24QGHFR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6A4OSFM5GGOWW4ECELV5OHX2XRAUSPH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6A4OSFM5GGOWW4ECELV5OHX2XRAUSPH/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190307-0008/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190307-0008/"},{"reference_url":"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03410944","reference_id":"","reference_type":"","scores":[],"url":"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03410944"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03913en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03913en_us"},{"reference_url":"https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003","reference_id":"","reference_type":"","scores":[],"url":"https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc","reference_id":"","reference_type":"","scores":[],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc"},{"reference_url":"https://www.exploit-db.com/exploits/46359/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/46359/"},{"reference_url":"https://www.exploit-db.com/exploits/46369/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/46369/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/02/11/2","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2019/02/11/2"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_06","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/security/advisory/Synology_SA_19_06"},{"reference_url":"https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/","reference_id":"","reference_type":"","scores":[],"url":"https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/03/23/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/03/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/28/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/06/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/06/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/07/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/06/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/07/06/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/24/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/24/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/29/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/29/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/31/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2024/01/31/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/01/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2024/02/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/02/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2024/02/02/3"},{"reference_url":"http://www.securityfocus.com/bid/106976","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106976"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664908","reference_id":"1664908","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664908"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050","reference_id":"922050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922169","reference_id":"922169","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922169"},{"reference_url":"https://security.archlinux.org/ASA-201902-20","reference_id":"ASA-201902-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-20"},{"reference_url":"https://security.archlinux.org/ASA-201902-6","reference_id":"ASA-201902-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-6"},{"reference_url":"https://security.archlinux.org/AVG-878","reference_id":"AVG-878","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-878"},{"reference_url":"https://security.archlinux.org/AVG-880","reference_id":"AVG-880","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-880"},{"reference_url":"https://security.archlinux.org/AVG-892","reference_id":"AVG-892","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-892"},{"reference_url":"https://security.archlinux.org/AVG-893","reference_id":"AVG-893","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-893"},{"reference_url":"https://security.archlinux.org/AVG-895","reference_id":"AVG-895","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-895"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:d2iq:kubernetes_engine:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:d2iq:kubernetes_engine:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:d2iq:kubernetes_engine:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:kubernetes_engine:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:kubernetes_engine:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:kubernetes_engine:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:onesphere:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:onesphere:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:onesphere:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.08:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microfocus:service_management_automation:2018.08:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.08:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microfocus:service_management_automation:2018.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microfocus:service_management_automation:2018.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:container_development_kit:3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:container_development_kit:3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:container_development_kit:3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift:3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift:3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift:3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:d2iq:dc\\/os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:d2iq:dc\\/os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:d2iq:dc\\/os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/feexd/pocs/tree/a5aac58e0935a505c034b5f9e6cf35c1fc67471d/CVE-2019-5736","reference_id":"CVE-2019-5736","reference_type":"exploit","scores":[],"url":"https://github.com/feexd/pocs/tree/a5aac58e0935a505c034b5f9e6cf35c1fc67471d/CVE-2019-5736"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46359.md","reference_id":"CVE-2019-5736","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46359.md"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46369.md","reference_id":"CVE-2019-5736","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46369.md"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5736","reference_id":"CVE-2019-5736","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5736"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/02/13/3","reference_id":"CVE-2019-5736","reference_type":"exploit","scores":[],"url":"https://www.openwall.com/lists/oss-security/2019/02/13/3"},{"reference_url":"https://security.gentoo.org/glsa/202003-21","reference_id":"GLSA-202003-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0303","reference_id":"RHSA-2019:0303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0304","reference_id":"RHSA-2019:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0401","reference_id":"RHSA-2019:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0408","reference_id":"RHSA-2019:0408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0975","reference_id":"RHSA-2019:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0975"},{"reference_url":"https://usn.ubuntu.com/4048-1/","reference_id":"USN-4048-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4048-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052233?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc6%252Bdfsg1-2"}],"aliases":["CVE-2019-5736"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7juj-78y7-g7b6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39636?format=json","vulnerability_id":"VCID-997v-f2ds-e3e4","summary":"Multiple vulnerabilities have been discovered in runC, the worst of\n    which may lead to privilege escalation.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0688","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0695","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0695"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19921.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19921","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31543","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31934","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32062","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31922","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31948","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31969","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32008","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31976","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32102","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31924","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33642","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921"},{"reference_url":"https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0"},{"reference_url":"https://github.com/opencontainers/runc/issues/2197","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/issues/2197"},{"reference_url":"https://github.com/opencontainers/runc/pull/2190","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/pull/2190"},{"reference_url":"https://github.com/opencontainers/runc/pull/2207","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/pull/2207"},{"reference_url":"https://github.com/opencontainers/runc/releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/releases"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19921","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19921"},{"reference_url":"https://pkg.go.dev/vuln/GO-2021-0087","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/vuln/GO-2021-0087"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2019-19921","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security-tracker.debian.org/tracker/CVE-2019-19921"},{"reference_url":"https://usn.ubuntu.com/4297-1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4297-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796107","reference_id":"1796107","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796107"},{"reference_url":"https://security.gentoo.org/glsa/202003-21","reference_id":"GLSA-202003-21","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202003-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0942","reference_id":"RHSA-2020:0942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1485","reference_id":"RHSA-2020:1485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1485"},{"reference_url":"https://usn.ubuntu.com/4297-1/","reference_id":"USN-4297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4297-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052235?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5"}],"aliases":["CVE-2019-19921","GHSA-fh74-hm69-rqjw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-997v-f2ds-e3e4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47806?format=json","vulnerability_id":"VCID-9mdg-3961-cybf","summary":"mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs\n### Summary\n\nrunc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack whereby\nan attacker can request a seemingly-innocuous container configuration that\nactually results in the host filesystem being bind-mounted into the container\n(allowing for a container escape). CVE-2021-30465 has been assigned for this\nissue.\n\nAn attacker must have the ability to start containers using some kind of custom\nvolume configuration, and while recommended container hardening mechanisms such\nas LSMs (AppArmor/SELinux) and user namespaces will restrict the amount of\ndamage an attacker could do, they do not block this attack outright. We have a\nreproducer using Kubernetes (and the below description mentions\nKubernetes-specific paths), but this is not a Kubernetes-specific issue.\n\nThe now-released [runc v1.0.0-rc95][release] contains a fix for this issue, we\nrecommend users update as soon as possible.\n\n[release]: https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc95\n\n### Details\n\nIn circumstances where a container is being started, and runc is mounting\ninside a volume shared with another container (which is conducting a\nsymlink-exchange attack), runc can be tricked into mounting outside of the\ncontainer rootfs by swapping the target of a mount with a symlink due to a\ntime-of-check-to-time-of-use (TOCTTOU) flaw. This is fairly similar in style to\nprevious TOCTTOU attacks (and is a problem we are working on solving with\nlibpathrs).\n\nHowever, this alone is not useful because this happens inside a mount namespace\nwith `MS_SLAVE` propagation applied to `/` (meaning that the mount doesn't\nappear on the host -- it's only a \"host-side mount\" inside the container's\nnamespace). To exploit this, you must have additional mount entries in the\nconfiguration that use some subpath of the mounted-over host path as a source\nfor a subsequent mount.\n\nHowever, it turns out with some container orchestrators (such as Kubernetes --\nthough it is very likely that other downstream users of runc could have similar\nbehaviour be accessible to untrusted users), the existence of additional volume\nmanagement infrastructure allows this attack to be applied to gain access to\nthe host filesystem without requiring the attacker to have completely arbitrary\ncontrol over container configuration.\n\nIn the case of Kubernetes, this is exploitable by creating a symlink in a\nvolume to the top-level (well-known) directory where volumes are sourced from\n(for instance,\n`/var/lib/kubelet/pods/$MY_POD_UID/volumes/kubernetes.io~empty-dir`), and then\nusing that symlink as the target of a mount. The source of the mount is an\nattacker controlled directory, and thus the source directory from which\nsubsequent mounts will occur is an attacker-controlled directory. Thus the\nattacker can first place a symlink to `/` in their malicious source directory\nwith the name of a volume, and a subsequent mount in the container will\nbind-mount `/` into the container.\n\nApplying this attack requires the attacker to start containers with a slightly\npeculiar volume configuration (though not explicitly malicious-looking such as\nbind-mounting `/` into the container explicitly), and be able to run malicious\ncode in a container that shares volumes with said volume configuration. It\nhelps the attacker if the host paths used for volume management are well known,\nthough this is not a hard requirement.\n\n### Patches\nThis has been patched in runc 1.0.0-rc95, and users should upgrade as soon as\npossible. The patch itself can be found [here](https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f).\n\n### Workarounds\n\nThere are no known workarounds for this issue.\n\nHowever, users who enforce running containers with more confined security\nprofiles (such as reduced capabilities, not running code as root in the\ncontainer, user namespaces, AppArmor/SELinux, and seccomp) will restrict what\nan attacker can do in the case of a container breakout -- we recommend users\nmake use of strict security profiles if possible (most notably user namespaces\n-- which can massively restrict the impact a container breakout can have on the\nhost system).\n\n### References\n* [commit](https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f)\n* [seclists public disclosure](https://www.openwall.com/lists/oss-security/2021/05/19/2)\n\n### Credit\n\nThanks to Etienne Champetier for discovering and disclosing this vulnerability,\nto Noah Meyerhans for writing the first draft of this patch, and to Samuel Karp\nfor testing it.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in [our issue tracker](https://github.com/opencontainers/runc/issues).\n* Email us at <security@opencontainers.org>.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30465.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30465","reference_id":"","reference_type":"","scores":[{"value":"0.01473","scoring_system":"epss","scoring_elements":"0.80881","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01473","scoring_system":"epss","scoring_elements":"0.80913","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01473","scoring_system":"epss","scoring_elements":"0.8089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84383","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84357","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84354","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84353","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84397","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84392","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84879","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84989","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.8492","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84926","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84927","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84902","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30465"},{"reference_url":"https://bugzilla.opensuse.org/show_bug.cgi?id=1185405","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.opensuse.org/show_bug.cgi?id=1185405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f"},{"reference_url":"https://github.com/opencontainers/runc/releases","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/releases"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30465","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30465"},{"reference_url":"https://security.gentoo.org/glsa/202107-26","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202107-26"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210708-0003","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210708-0003"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/19/2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/19/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954736","reference_id":"1954736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954736"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988768","reference_id":"988768","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988768"},{"reference_url":"https://security.archlinux.org/ASA-202105-17","reference_id":"ASA-202105-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-17"},{"reference_url":"https://security.archlinux.org/AVG-1972","reference_id":"AVG-1972","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1562","reference_id":"RHSA-2021:1562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1566","reference_id":"RHSA-2021:1566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2057","reference_id":"RHSA-2021:2057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2144","reference_id":"RHSA-2021:2144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2145","reference_id":"RHSA-2021:2145","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2145"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2150","reference_id":"RHSA-2021:2150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2291","reference_id":"RHSA-2021:2291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2292","reference_id":"RHSA-2021:2292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2370","reference_id":"RHSA-2021:2370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2371","reference_id":"RHSA-2021:2371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2371"},{"reference_url":"https://usn.ubuntu.com/4960-1/","reference_id":"USN-4960-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4960-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4867-1/","reference_id":"USN-USN-4867-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4867-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052235?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5"}],"aliases":["CVE-2021-30465","GHSA-c3xm-pvg7-gh7r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mdg-3961-cybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31817?format=json","vulnerability_id":"VCID-jc1e-8tt4-xqdn","summary":"Opencontainers runc Incorrect Authorization vulnerability\nrunc 1.0.0-rc95 through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to `libcontainer/rootfs_linux.go`. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27561.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27561.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27561","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34545","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34767","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34785","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35018","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35064","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35079","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3504","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35099","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35095","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35069","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35147","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35065","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35118","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334"},{"reference_url":"https://github.com/opencontainers/runc/issues/3751","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://github.com/opencontainers/runc/issues/3751"},{"reference_url":"https://github.com/opencontainers/runc/pull/3785","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/pull/3785"},{"reference_url":"https://github.com/opencontainers/runc/releases/tag/v1.1.5","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/releases/tag/v1.1.5"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27561","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27561"},{"reference_url":"https://security.netapp.com/advisory/ntap-20241206-0004","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20241206-0004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033520","reference_id":"1033520","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033520"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175721","reference_id":"2175721","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175721"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/","reference_id":"ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/","reference_id":"DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/","reference_id":"FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/","reference_id":"FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/","reference_id":"I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"}],"aliases":["CVE-2023-27561","GHSA-vpvm-3wq2-2wvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jc1e-8tt4-xqdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31360?format=json","vulnerability_id":"VCID-seds-dzew-jyfs","summary":"runc AppArmor bypass with symlinked /proc\n### Impact\nIt was found that AppArmor, and potentially SELinux, can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration.\n\n### Patches\nFixed in runc v1.1.5, by prohibiting symlinked `/proc`: https://github.com/opencontainers/runc/pull/3785\n\nThis PR fixes CVE-2023-27561 as well.\n\n### Workarounds\nAvoid using an untrusted container image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28642","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01811","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01815","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01825","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0174","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01759","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01817","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01767","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01762","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/pull/3785","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"}],"url":"https://github.com/opencontainers/runc/pull/3785"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28642","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28642"},{"reference_url":"https://security.netapp.com/advisory/ntap-20241206-0005","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20241206-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182883","reference_id":"2182883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182883"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0564","reference_id":"RHSA-2024:0564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0564"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"}],"aliases":["CVE-2023-28642","GHSA-g2j6-57v7-gm8c"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-seds-dzew-jyfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14393?format=json","vulnerability_id":"VCID-tsgr-5mwt-jkeh","summary":"runc vulnerable to container breakout through process.cwd trickery and leaked fds\n### Impact\n\nIn runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from `runc exec`) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem (\"attack 2\"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through `runc run` (\"attack 1\"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes (\"attack 3a\" and \"attack 3b\").\n\nStrictly speaking, while attack 3a is the most severe from a CVSS perspective, attacks 2 and 3b are arguably more dangerous in practice because they allow for a breakout from inside a container as opposed to requiring a user execute a malicious image. The reason attacks 1 and 3a are scored higher is because being able to socially engineer users is treated as a given for UI:R vectors, despite attacks 2 and 3b requiring far more minimal user interaction (just reasonable `runc exec` operations on a container the attacker has access to). In any case, all four attacks can lead to full control of the host system.\n\n#### Attack 1: `process.cwd` \"mis-configuration\"\n\nIn runc 1.1.11 and earlier, several file descriptors were inadvertently leaked internally within runc into `runc init`, including a handle to the host's `/sys/fs/cgroup` (this leak was added in v1.0.0-rc93). If the container was configured to have `process.cwd` set to `/proc/self/fd/7/` (the actual fd can change depending on file opening order in `runc`), the resulting pid1 process will have a working directory in the host mount namespace and thus the spawned process can access the entire host filesystem. This alone is not an exploit against runc, however a malicious image could make any innocuous-looking non-`/` path a symlink to `/proc/self/fd/7/` and thus trick a user into starting a container whose binary has access to the host filesystem.\n\nFurthermore, prior to runc 1.1.12, runc also did not verify that the final working directory was inside the container's mount namespace after calling `chdir(2)` (as we have already joined the container namespace, it was incorrectly assumed there would be no way to chdir outside the container after `pivot_root(2)`).\n\nThe CVSS score for this attack is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N (8.2, high severity).\n\nNote that this attack requires a privileged user to be tricked into running a malicious container image. It should be noted that when using higher-level runtimes (such as Docker or Kubernetes), this exploit can be considered critical as it can be done remotely by anyone with the rights to start a container image (and can be exploited from within Dockerfiles using `ONBUILD` in the case of Docker).\n\n#### Attack 2: `runc exec` container breakout\n\n(This is a modification of attack 1, constructed to allow for a process inside a container to break out.)\n\nThe same fd leak and lack of verification of the working directory in attack 1 also apply to `runc exec`. If a malicious process inside the container knows that some administrative process will call `runc exec` with the `--cwd` argument and a given path, in most cases they can replace that path with a symlink to `/proc/self/fd/7/`. Once the container process has executed the container binary, `PR_SET_DUMPABLE` protections no longer apply and the attacker can open `/proc/$exec_pid/cwd` to get access to the host filesystem.\n\n`runc exec` defaults to a cwd of `/` (which cannot be replaced with a symlink), so this attack depends on the attacker getting a user (or some administrative process) to use `--cwd` and figuring out what path the target working directory is. Note that if the target working directory is a parent of the program binary being executed, the attacker might be unable to replace the path with a symlink (the `execve` will fail in most cases, unless the host filesystem layout specifically matches the container layout in specific ways and the attacker knows which binary the `runc exec` is executing).\n\nThe CVSS score for this attack is CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N (7.2, high severity).\n\n#### Attacks 3a and 3b: `process.args` host binary overwrite attack\n\n(These are modifications of attacks 1 and 2, constructed to overwrite a host binary by using `execve` to bring a magic-link reference into the container.)\n\nAttacks 1 and 2 can be adapted to overwrite a host binary by using a path like `/proc/self/fd/7/../../../bin/bash` as the `process.args` binary argument, causing a host binary to be executed by a container process. The `/proc/$pid/exe` handle can then be used to overwrite the host binary, as seen in CVE-2019-5736 (note that the same `#!` trick can be used to avoid detection as an attacker). As the overwritten binary could be something like `/bin/bash`, as soon as a privileged user executes the target binary on the host, the attacker can pivot to gain full access to the host.\n\nFor the purposes of CVSS scoring:\n\n* Attack 3a is attack 1 but adapted to overwrite a host binary, where a malicious image is set up to execute `/proc/self/fd/7/../../../bin/bash` and run a shell script that overwrites `/proc/self/exe`, overwriting the host copy of `/bin/bash`. The CVSS score for this attack is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H (8.6, high severity).\n* Attack 3b is attack 2 but adapted to overwrite a host binary, where the malicious container process overwrites all of the possible `runc exec` target binaries inside the container (such as `/bin/bash`) such that a host target binary is executed and then the container process opens `/proc/$pid/exe` to get access to the host binary and overwrite it. The CVSS score for this attack is CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H (8.2, high severity).\n\nAs mentioned in attack 1, while 3b is scored lower it is more dangerous in practice as it doesn't require a user to run a malicious image.\n\n### Patches\nrunc 1.1.12 has been released, and includes patches for this issue. Note that there are four separate fixes applied:\n\n* Checking that the working directory is actually inside the container by checking whether `os.Getwd` returns `ENOENT` (Linux provides a way of detecting if cwd is outside the current namespace root). This explicitly blocks runc from executing a container process when inside a non-container path and thus eliminates attacks 1 and 2 even in the case of fd leaks.\n* Close all internal runc file descriptors in the final stage of `runc init`, right before `execve`. This ensures that internal file descriptors cannot be used as an argument to `execve` and thus eliminates attacks 3a and 3b, even in the case of fd leaks. This requires hooking into some Go runtime internals to make sure we don't close critical Go internal file descriptors.\n* Fixing the specific fd leaks that made these bug exploitable (mark `/sys/fs/cgroup` as `O_CLOEXEC` and backport a fix for some `*os.File` leaks).\n* In order to protect against future `runc init` file descriptor leaks, mark all non-stdio files as `O_CLOEXEC` before executing `runc init`.\n\n### Other Runtimes\n\nWe have discovered that several other container runtimes are either potentially vulnerable to similar attacks, or do not have sufficient protection against attacks of this nature. We recommend other container runtime authors look at [our patches](#Patches) and make sure they at least add a `getcwd() != ENOENT` check as well as consider whether `close_range(3, UINT_MAX, CLOSE_RANGE_CLOEXEC)` before executing their equivalent of `runc init` is appropriate.\n\n * crun 1.12 does not leak any useful file descriptors into the `runc init`-equivalent process (so this attack is _not exploitable_ as far as we can tell), but no care is taken to make sure all non-stdio files are `O_CLOEXEC` and there is no check after `chdir(2)` to ensure the working directory is inside the container. If a file descriptor happened to be leaked in the future, this could be exploitable. In addition, any file descriptors passed to `crun` are not closed until the container process is executed, meaning that easily-overlooked programming errors by users of `crun` can lead to these attacks becoming exploitable.\n * youki 0.3.1 does not leak any useful file descriptors into the `runc init`-equivalent process (so this attack is _not exploitable_ as far as we can tell) however this appears to be pure luck. `youki` does leak a directory file descriptor from the host mount namespace, but it just so happens that the directory is the rootfs of the container (which then gets `pivot_root`'d into and so ends up as a in-root path thanks to `chroot_fs_refs`). In addition, no care is taken to make sure all non-stdio files are `O_CLOEXEC` and there is no check after `chdir(2)` to ensure the working directory is inside the container. If a file descriptor happened to be leaked in the future, this could be exploitable. In addition, any file descriptors passed to `youki` are not closed until the container process is executed, meaning that easily-overlooked programming errors by users of `youki` can lead to these attacks becoming exploitable.\n * LXC 5.0.3 does not appear to leak any useful file descriptors, and they have comments noting the importance of not leaking file descriptors in `lxc-attach`. However, they don't seem to have any proactive protection against file descriptor leaks at the point of `chdir` such as using `close_range(...)` (they do have RAII-like `__do_fclose` closers but those don't necessarily stop all leaks in this context) nor do they have any check after `chdir(2)` to ensure the working directory is inside the container. Unfortunately it seems they cannot use `CLOSE_RANGE_CLOEXEC` because they don't need to re-exec themselves.\n\n### Workarounds\nFor attacks 1 and 2, only permit containers (and `runc exec`) to use a `process.cwd` of `/`. It is not possible for `/` to be replaced with a symlink (the path is resolved from within the container's mount namespace, and you cannot change the root of a mount namespace or an fs root to a symlink).\n\nFor attacks 1 and 3a, only permit users to run trusted images.\n\nFor attack 3b, there is no practical workaround other than never using `runc exec` because any binary you try to execute with `runc exec` could end up being a malicious binary target.\n\n### See Also\n* https://www.cve.org/CVERecord?id=CVE-2024-21626\n* https://github.com/opencontainers/runc/releases/tag/v1.1.12\n* The runc 1.1.12 merge commit https://github.com/opencontainers/runc/commit/a9833ff391a71b30069a6c3f816db113379a4346, which contains the following security patches:\n  * https://github.com/opencontainers/runc/commit/506552a88bd3455e80a9b3829568e94ec0160309\n  * https://github.com/opencontainers/runc/commit/0994249a5ec4e363bfcf9af58a87a722e9a3a31b\n  * https://github.com/opencontainers/runc/commit/fbe3eed1e568a376f371d2ced1b4ac16b7d7adde\n  * https://github.com/opencontainers/runc/commit/284ba3057e428f8d6c7afcc3b0ac752e525957df\n  * https://github.com/opencontainers/runc/commit/b6633f48a8c970433737b9be5bfe4f25d58a5aa7\n  * https://github.com/opencontainers/runc/commit/683ad2ff3b01fb142ece7a8b3829de17150cf688\n  * https://github.com/opencontainers/runc/commit/e9665f4d606b64bf9c4652ab2510da368bfbd951\n\n### Credits\n\nThanks to Rory McNamara from Snyk for discovering and disclosing the original vulnerability (attack 1) to Docker, @lifubang from acmcoder for discovering how to adapt the attack to overwrite host binaries (attack 3a), and Aleksa Sarai from SUSE for discovering how to adapt the attacks to work as container breakouts using `runc exec` (attacks 2 and 3b).","references":[{"reference_url":"http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21626.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21626","reference_id":"","reference_type":"","scores":[{"value":"0.03456","scoring_system":"epss","scoring_elements":"0.87551","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03456","scoring_system":"epss","scoring_elements":"0.87558","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03873","scoring_system":"epss","scoring_elements":"0.88248","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03892","scoring_system":"epss","scoring_elements":"0.88311","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04223","scoring_system":"epss","scoring_elements":"0.88797","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05303","scoring_system":"epss","scoring_elements":"0.90042","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05303","scoring_system":"epss","scoring_elements":"0.90041","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05634","scoring_system":"epss","scoring_elements":"0.90346","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06756","scoring_system":"epss","scoring_elements":"0.91295","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06756","scoring_system":"epss","scoring_elements":"0.91292","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06756","scoring_system":"epss","scoring_elements":"0.91285","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06756","scoring_system":"epss","scoring_elements":"0.91279","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06756","scoring_system":"epss","scoring_elements":"0.91266","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07448","scoring_system":"epss","scoring_elements":"0.91734","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07448","scoring_system":"epss","scoring_elements":"0.91729","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21626"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf"},{"reference_url":"https://github.com/opencontainers/runc/releases/tag/v1.1.12","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://github.com/opencontainers/runc/releases/tag/v1.1.12"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21626","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21626"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/01/1","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/02/3","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/02/3"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062532","reference_id":"1062532","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062532"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258725","reference_id":"2258725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258725"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/","reference_id":"2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0645","reference_id":"RHSA-2024:0645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0662","reference_id":"RHSA-2024:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0666","reference_id":"RHSA-2024:0666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0670","reference_id":"RHSA-2024:0670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0684","reference_id":"RHSA-2024:0684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0717","reference_id":"RHSA-2024:0717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0748","reference_id":"RHSA-2024:0748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0752","reference_id":"RHSA-2024:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0755","reference_id":"RHSA-2024:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0756","reference_id":"RHSA-2024:0756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0757","reference_id":"RHSA-2024:0757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0758","reference_id":"RHSA-2024:0758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0759","reference_id":"RHSA-2024:0759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0760","reference_id":"RHSA-2024:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0760"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0764","reference_id":"RHSA-2024:0764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10149","reference_id":"RHSA-2024:10149","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10149"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10520","reference_id":"RHSA-2024:10520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10525","reference_id":"RHSA-2024:10525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10841","reference_id":"RHSA-2024:10841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1270","reference_id":"RHSA-2024:1270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4597","reference_id":"RHSA-2024:4597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0115","reference_id":"RHSA-2025:0115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0650","reference_id":"RHSA-2025:0650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1711","reference_id":"RHSA-2025:1711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1711"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/","reference_id":"SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/"},{"reference_url":"https://usn.ubuntu.com/6619-1/","reference_id":"USN-6619-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6619-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"}],"aliases":["CVE-2024-21626","GHSA-xr7r-f8xq-vfvv"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsgr-5mwt-jkeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30928?format=json","vulnerability_id":"VCID-v2ys-xbn5-guh4","summary":"rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc\n### Impact\nIt was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons:\n1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl)\n2. or, when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare)\n\nA container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host .\nOther users's cgroup hierarchies are not affected.\n\n### Patches\nv1.1.5 (planned)\n\n### Workarounds\n- Condition 1: Unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts.\n- Condition 2 (very rare): add `/sys/fs/cgroup` to `maskedPaths`","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25809.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25809","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10001","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10115","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10103","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10176","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10138","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10045","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10077","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10769","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10712","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12039","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12007","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1195","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12063","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11946","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"},{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:19Z/"}],"url":"https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"},{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:19Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25809","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25809"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182884","reference_id":"2182884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182884"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"}],"aliases":["CVE-2023-25809","GHSA-m8cg-xc2p-r3fc"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v2ys-xbn5-guh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39633?format=json","vulnerability_id":"VCID-zex4-9xyf-6yf1","summary":"Multiple vulnerabilities have been discovered in runC, the worst of\n    which may lead to privilege escalation.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3940","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3940"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4074","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4269","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4269"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16884","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.5506","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55041","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55034","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.54984","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56308","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56364","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56359","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57389","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57374","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57348","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57369","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65333","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65258","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65308","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16884"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4"},{"reference_url":"https://github.com/opencontainers/runc/issues/2128","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/issues/2128"},{"reference_url":"https://github.com/opencontainers/runc/pull/2129","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/pull/2129"},{"reference_url":"https://github.com/opencontainers/runc/pull/2130","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/pull/2130"},{"reference_url":"https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16884","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16884"},{"reference_url":"https://pkg.go.dev/vuln/GO-2021-0085","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/vuln/GO-2021-0085"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220221-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220221-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220221-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220221-0004/"},{"reference_url":"https://usn.ubuntu.com/4297-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4297-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757214","reference_id":"1757214","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757214"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942026","reference_id":"942026","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942026"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942027","reference_id":"942027","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942027"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:docker:docker:*:*:*:*:community:*:*:*","reference_id":"cpe:2.3:a:docker:docker:*:*:*:*:community:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:docker:docker:*:*:*:*:community:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8:*:*:*:*:*:*","reference_id":"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202003-21","reference_id":"GLSA-202003-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202003-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1234","reference_id":"RHSA-2020:1234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1234"},{"reference_url":"https://usn.ubuntu.com/4297-1/","reference_id":"USN-4297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4297-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4867-1/","reference_id":"USN-USN-4867-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4867-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052235?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5"}],"aliases":["CVE-2019-16884","GHSA-fgv8-vj5c-2ppq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zex4-9xyf-6yf1"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36505?format=json","vulnerability_id":"VCID-165g-hgmx-nybk","summary":"Information Exposure in RunC\nRunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container.  This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0116.html","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0116.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0123.html","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0123.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0127.html","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0127.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9962.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9962.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/cve-2016-9962","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/vulnerabilities/cve-2016-9962"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9962","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32078","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31688","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3177","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31897","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32063","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3209","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32112","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32079","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3211","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32149","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32144","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32117","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32067","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32242","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32205","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9962"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9962"},{"reference_url":"http://seclists.org/fulldisclosure/2017/Jan/21","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2017/Jan/21"},{"reference_url":"http://seclists.org/fulldisclosure/2017/Jan/29","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2017/Jan/29"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/docker/docker/releases/tag/v1.12.6","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/docker/docker/releases/tag/v1.12.6"},{"reference_url":"https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5"},{"reference_url":"https://github.com/opencontainers/runc/commit/5d93fed3d27f1e2bab58bad13b180a7a81d0b378","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/5d93fed3d27f1e2bab58bad13b180a7a81d0b378"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9962","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9962"},{"reference_url":"https://security.gentoo.org/glsa/201701-34","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-34"},{"reference_url":"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9962","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9962"},{"reference_url":"http://www.securityfocus.com/archive/1/540001/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/540001/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/95361","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/95361"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1409531","reference_id":"1409531","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1409531"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850951","reference_id":"850951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850951"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850952","reference_id":"850952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850952"},{"reference_url":"https://security.archlinux.org/ASA-201701-19","reference_id":"ASA-201701-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-19"},{"reference_url":"https://security.archlinux.org/ASA-201805-11","reference_id":"ASA-201805-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-11"},{"reference_url":"https://security.archlinux.org/AVG-133","reference_id":"AVG-133","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-133"},{"reference_url":"https://security.archlinux.org/AVG-134","reference_id":"AVG-134","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0116","reference_id":"RHSA-2017:0116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0123","reference_id":"RHSA-2017:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0127","reference_id":"RHSA-2017:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052231?format=json","purl":"pkg:deb/debian/runc@0.1.1%2Bdfsg1-2%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-7juj-78y7-g7b6"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-2%252Bdeb9u1"}],"aliases":["CVE-2016-9962","GHSA-gp4j-w3vj-7299"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-165g-hgmx-nybk"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-2%252Bdeb9u1"}