VulnerableCode Package Details - pkg:deb/ubuntu/runc@1.0.0~rc10-0ubuntu1~18.04.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-5wce-1ywg-aaam Aliases: CVE-2019-19921 GHSA-fh74-hm69-rqjw	runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)	1.0.0~rc10-0ubuntu1~19.10.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.0.0~rc10-0ubuntu1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-6myd-yj9t-aaae Aliases: CVE-2021-30465 GHSA-c3xm-pvg7-gh7r	runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.	1.0.0~rc93-0ubuntu1~20.04.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5wce-1ywg-aaam
Aliases:
CVE-2019-19921
GHSA-fh74-hm69-rqjw

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)

1.0.0~rc10-0ubuntu1~19.10.2
Affected by 1 other vulnerability.

1.0.0~rc10-0ubuntu1
Affected by 1 other vulnerability.

VCID-6myd-yj9t-aaae
Aliases:
CVE-2021-30465
GHSA-c3xm-pvg7-gh7r

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

1.0.0~rc93-0ubuntu1~20.04.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-vvs4-9r5v-aaap	runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.	CVE-2019-16884 GHSA-fgv8-vj5c-2ppq

Vulnerability

Summary

Aliases

VCID-vvs4-9r5v-aaap

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

CVE-2019-16884
GHSA-fgv8-vj5c-2ppq

Next non-vulnerable version	1.0.0~rc93-0ubuntu1~20.04.2
Latest non-vulnerable version	1.0.0~rc93-0ubuntu1~20.04.2
Risk	4.0