Skip to content
This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Upgrade Vulnerable Library: runc from <1.0.3 to 1.0.3 #357

Open
biljanaLukovic opened this issue Jun 7, 2022 · 0 comments
Open

Upgrade Vulnerable Library: runc from <1.0.3 to 1.0.3 #357

biljanaLukovic opened this issue Jun 7, 2022 · 0 comments
Assignees
Labels
Milestone

Comments

@biljanaLukovic
Copy link

Vulnerability identified in github.com/opencontainers/runc
Severity level: medium
This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces.
The patch for this is d72d057ba794164c3cce9451a00b72a78b25e1ae and runc 1.0.3 was released with this bug fixed.

@birtony birtony self-assigned this Jun 13, 2022
@birtony birtony added the chore label Jun 13, 2022
@birtony birtony added this to the 0.1.9 milestone Jun 13, 2022
@birtony birtony moved this to Todo in TrustBloc Wallet/VCS Jun 13, 2022
@birtony birtony moved this from Todo to In Progress in TrustBloc Wallet/VCS Jun 13, 2022
@rolsonquadras rolsonquadras moved this from In Progress to Todo in TrustBloc Wallet/VCS Jun 20, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
No open projects
Status: Todo
Development

No branches or pull requests

2 participants