USN-4297-1: runC vulnerabilities
9 March 2020
Several security issues were fixed in runc.
- runc - Open Container Project
It was discovered that runC incorrectly checked mount targets. An attacker
with a malicious container image could possibly mount over the /proc
directory and escalate privileges. This issue only affected Ubuntu 18.04
It was discovered that runC incorrectly performed access control. An
attacker could possibly use this issue to escalate privileges.