CVE-2021-30465 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Sandbox escape
Description	runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack where an attacker with the ability to start containers using a custom volume configuration can request a seemingly-innocuous container configuration that results in the host filesystem being bind-mounted into the container (allowing for a container escape).

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1972	runc	1.0.0rc94-1	1.0.0rc95-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
25 May 2021	ASA-202105-17	AVG-1972	runc	High	sandbox escape

References
https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f

Notes
Workaround ========== Container hardening mechanisms such as LSMs (AppArmor/SELinux) and user namespaces can restrict the amount of damage an attacker could do but they do not block this attack outright.

Notes

Workaround
==========

Container hardening mechanisms such as LSMs (AppArmor/SELinux) and user namespaces can restrict the amount of damage an attacker could do but they do not block this attack outright.