CVE-2021-30465 log
Source |
|
Severity | High |
Remote | No |
Type | Sandbox escape |
Description | runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack where an attacker with the ability to start containers using a custom volume configuration can request a seemingly-innocuous container configuration that results in the host filesystem being bind-mounted into the container (allowing for a container escape). |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1972 | runc | 1.0.0rc94-1 | 1.0.0rc95-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
25 May 2021 | ASA-202105-17 | AVG-1972 | runc | High | sandbox escape |
References |
---|
https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f |
Notes |
---|
Workaround ========== Container hardening mechanisms such as LSMs (AppArmor/SELinux) and user namespaces can restrict the amount of damage an attacker could do but they do not block this attack outright. |