When reporting a security issue, do not create an issue or file a pull request on GitHub. The reporting process and disclosure communications are outlined here.
Security: opencontainers/runc
Security
SECURITY.md
-
runc can be tricked into creating empty files/directories on the hostGHSA-jfvp-7x6p-h2pv published
Sep 3, 2024 by cypharLow -
several container breakouts due to internally leaked fdsGHSA-xr7r-f8xq-vfvv published
Jan 31, 2024 by cypharHigh -
AppArmor/SELinux bypass with symlinked /procGHSA-g2j6-57v7-gm8c published
Mar 29, 2023 by cypharModerate -
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unsharedGHSA-m8cg-xc2p-r3fc published
Mar 29, 2023 by cypharLow -
Default inheritable capabilities for linux container should be emptyGHSA-f3fp-gc8g-vw66 published
May 11, 2022 by cypharLow -
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configurationGHSA-v95c-p5hm-xq8f published
Dec 6, 2021 by cypharLow -
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfsGHSA-c3xm-pvg7-gh7r published
May 19, 2021 by cypharHigh -
devices resource list treated as a blacklist by defaultGHSA-g54h-m393-cpwq published
Jul 2, 2020 by cypharLow -
procfs race condition with a shared volume mountGHSA-fh74-hm69-rqjw published
Jan 28, 2020 by cypharModerate
Learn more about advisories related to opencontainers/runc in the GitHub Advisory Database