runc - Arch Linux
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2599 | 1.0.2-2 | 1.0.3-1 | Low | Fixed | |
| AVG-1972 | 1.0.0rc94-1 | 1.0.0rc95-1 | High | Fixed | |
| AVG-878 | 1.0.0rc5+168+g079817cc-1 | 1.0.0rc6-1 | High | Fixed | |
| AVG-134 | 0.1.1-4 | 1.0.0rc5+19+g69663f0b-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-43784 | AVG-2599 | Low | Yes | Arbitrary code execution | In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the C portion of our code (responsible... |
| CVE-2021-30465 | AVG-1972 | High | No | Sandbox escape | runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack where an attacker with the ability to start containers using a custom volume... |
| CVE-2019-5736 | AVG-878 | High | Yes | Privilege escalation | A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... |
| CVE-2016-9962 | AVG-134 | High | No | Privilege escalation | The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 25 May 2021 | ASA-202105-17 | AVG-1972 | High | sandbox escape |
| 11 Feb 2019 | ASA-201902-6 | AVG-878 | High | privilege escalation |
| 16 May 2018 | ASA-201805-11 | AVG-134 | High | privilege escalation |