DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2023-28642

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-28642

CGA ID

CGA-hqm9-wq7w-hpgg

Severity

7.8

High

CVSS V3

Description

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images