[ubuntu/kinetic-security] runc 1.1.4-0ubuntu1~22.10.3 (Accepted)

David Fernandez Gonzalez david.fernandezgonzalez at canonical.com
Wed May 17 12:28:59 UTC 2023


runc (1.1.4-0ubuntu1~22.10.3) kinetic-security; urgency=medium

  * SECURITY UPDATE: Incorrect access control through /sys/fs/cgroup
    - debian/patches/CVE-2023-25809.patch: apply MS_RDONLY if
      /sys/fs/cgroup is bind-mounted or mask if bind source is unavailable
      in libcontainer/rootfs_linux.go.
    - CVE-2023-25809
  * SECURITY UPDATE: Incorrect access control through /proc and /sys
    - debian/patches/CVE-2023-27561_2023-28642.patch: Prohibit /proc and
      /sys to be symlinks in libcontainer/rootfs_linux.go.
    - CVE-2023-27561
    - CVE-2023-28642

Date: 2023-05-17 09:13:15.182650+00:00
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
https://launchpad.net/ubuntu/+source/runc/1.1.4-0ubuntu1~22.10.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the kinetic-changes mailing list