VulnerableCode Package Details - pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u3

Search for packages

Vulnerability	Summary	Fixed by
VCID-sxre-t5g1-aaaj Aliases: CVE-2023-27561 GHSA-vpvm-3wq2-2wvm	runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.	1.0.0~rc93+ds1-5+deb11u5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.0.3+ds1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-sxre-t5g1-aaaj
Aliases:
CVE-2023-27561
GHSA-vpvm-3wq2-2wvm

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

1.0.0~rc93+ds1-5+deb11u5
Affected by 1 other vulnerability.

1.0.3+ds1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-04-26T02:41:30.274114+00:00	Debian Importer	Fixing	VCID-6j4q-p114-aaae	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-26T02:41:26.119670+00:00	Debian Importer	Affected by	VCID-6j4q-p114-aaae	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-26T02:41:25.335311+00:00	Debian Importer	Fixing	VCID-6j4q-p114-aaae	None	34.0.0rc4
2024-04-26T02:30:32.922753+00:00	Debian Importer	Fixing	VCID-sxre-t5g1-aaaj	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-26T02:30:31.198739+00:00	Debian Importer	Fixing	VCID-sxre-t5g1-aaaj	None	34.0.0rc4
2024-04-26T02:30:30.165214+00:00	Debian Importer	Affected by	VCID-sxre-t5g1-aaaj	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-26T02:13:57.110661+00:00	Debian Importer	Fixing	VCID-78xd-zy32-aaas	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-26T02:13:54.600795+00:00	Debian Importer	Affected by	VCID-78xd-zy32-aaas	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-26T02:13:52.630772+00:00	Debian Importer	Fixing	VCID-78xd-zy32-aaas	None	34.0.0rc4
2024-04-25T05:42:38.343728+00:00	Debian Importer	Fixing	VCID-us2v-fh9z-aaaa	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-25T05:42:31.955926+00:00	Debian Importer	Affected by	VCID-us2v-fh9z-aaaa	https://security-tracker.debian.org/tracker/data/json	34.0.0rc4
2024-04-25T05:42:29.427187+00:00	Debian Importer	Fixing	VCID-us2v-fh9z-aaaa	None	34.0.0rc4