Skip to content
This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Upgrade Vulnerable Library: runc from <1.0.3 to 1.0.3 #357

Open
biljanaLukovic opened this issue Jun 7, 2022 · 0 comments
Open

Upgrade Vulnerable Library: runc from <1.0.3 to 1.0.3 #357

biljanaLukovic opened this issue Jun 7, 2022 · 0 comments
Assignees
@birtony
Labels
chore
Milestone
0.1.9

Comments

@biljanaLukovic
Copy link

Vulnerability identified in github.com/opencontainers/runc
Severity level: medium
This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces.
The patch for this is d72d057ba794164c3cce9451a00b72a78b25e1ae and runc 1.0.3 was released with this bug fixed.
@birtony birtony mentioned this issue Jun 7, 2022
Closed
@birtony birtony self-assigned this Jun 13, 2022
@birtony birtony added the chore label Jun 13, 2022
@birtony birtony added this to the 0.1.9 milestone Jun 13, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@birtony birtony

Labels
chore
Projects
No open projects
TrustBloc Wallet/VCS
Status: Todo
Milestone
0.1.9
Development

No branches or pull requests
2 participants
@biljanaLukovic @birtony