USN-4960-1: runC vulnerability
19 May 2021
runC could be made to overwrite files as the administrator.
- runc - Open Container Project
Etienne Champetier discovered that runC incorrectly checked mount targets.
An attacker with a malicious container image could possibly mount the host
filesystem into the container and escalate privileges.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.
- USN-4867-1: runc, golang-github-opencontainers-runc-dev