Package details: pkg:deb/ubuntu/runc@0.1.1-0ubuntu3
purl pkg:deb/ubuntu/runc@0.1.1-0ubuntu3
Next non-vulnerable version 1.0.0~rc93-0ubuntu1~20.04.2
Latest non-vulnerable version 1.0.0~rc93-0ubuntu1~20.04.2
Risk 10.0
Vulnerabilities affecting this package (6)
VCID-5wce-1ywg-aaam
Aliases: CVE-2019-19921, GHSA-fh74-hm69-rqjw
Summary: runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
Fixed by:
  1.0.0~rc10-0ubuntu1~19.10.2 (affected by 1 other vulnerability)
  1.0.0~rc10-0ubuntu1 (affected by 1 other vulnerability)

VCID-6myd-yj9t-aaae
Aliases: CVE-2021-30465, GHSA-c3xm-pvg7-gh7r
Summary: runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.
Fixed by:
  1.0.0~rc93-0ubuntu1~20.04.2 (affected by 0 other vulnerabilities)

VCID-funr-5s9t-aaak
Aliases: CVE-2016-9962, GHSA-gp4j-w3vj-7299
Summary: RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
Fixed by:
  1.0.0~rc2+docker1.13.1-0ubuntu1 (affected by 4 other vulnerabilities)

VCID-qu99-ca7p-aaac
Aliases: CVE-2016-3697, GHSA-q3j5-32m5-58c2
Summary: libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.
Fixed by:
  1.0.0~rc2+docker1.12.6-0ubuntu1~16.04.1 (affected by 5 other vulnerabilities)

VCID-rtmc-4r84-aaas
Aliases: CVE-2019-5736
Summary: runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
Fixed by:
  1.0.0~rc4+dfsg1-6ubuntu0.18.04.1 (affected by 3 other vulnerabilities)

VCID-vvs4-9r5v-aaap
Aliases: CVE-2019-16884, GHSA-fgv8-vj5c-2ppq
Summary: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Fixed by:
  1.0.0~rc8+git20190923.3e425f80-0ubuntu1 (affected by 2 other vulnerabilities)
  1.0.0~rc10-0ubuntu1~18.04.2 (affected by 2 other vulnerabilities)

Vulnerabilities fixed by this package (0)
This package is not known to fix vulnerabilities.