Published: 27/05/2021 Updated: 07/11/2023

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

CVSS v3 Base Score: 8.5 | Impact Score: 6 | Exploitability Score: 1.8

VMScore: 536

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

runc prior to 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linuxfoundation runc 1.0.0
linuxfoundation runc
fedoraproject fedora 33
fedoraproject fedora 34

Debian Bug report logs - #988768 runc: CVE-2021-30465 Package: runc; Maintainer for runc is Debian Go Packaging Team <team+pkg-go@trackerdebianorg>; Source for runc is src:runc (PTS, buildd, popcon) Reported by: Shengjing Zhu <zhsj@debianorg> Date: Wed, 19 May 2021 11:39:02 UTC Severity: serious Tags: help, secur ...

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container The highest threat from this vulnerability is to data confidentiality and integrity as well as to system availability (CVE-2021-30465) ...

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container The highest threat from this vulnerability is to data confidentiality and integrity as well as to system availability ...

runc 100-rc94 and earlier are vulnerable to a symlink exchange attack whereby an attacker can request a seemingly-innocuous container configuration that actually results in the host filesystem being bind-mounted into the container (allowing for a container escape) An attacker must have the ability to start containers using some kind of custom v ...

云安全系列收集与云安全相关的文章和工具索引文章蓝队工具 IAC扫描 IAC用例基线扫描合规供应链安全流量测防护开源防护软件公司红队工具交流讨论内容文章【云攻防系列】从攻击者视角聊聊K8S集群安全（上） K8s提权之RBAC权限滥用云原生之Kubernetes安全 �

Updated for MacOs - Copied from https://github.com/kata-containers/kata-containers/tree/main/src/libs/safe-path

Safe Path A library to safely handle filesystem paths, typically for container runtimes There are often path related attacks, such as symlink based attacks, TOCTTOU attacks The safe-path crate provides several functions and utility structures to protect against path resolution related attacks Support Operating Systems: Linux Reference filepath-securejoin: secure_join() w

A fork of the rust safe_path crate that builds on Windows but exclude `pinned_path_buf` and `scoped_dir_builder`

Safe Path A library to safely handle filesystem paths, typically for container runtimes There are often path related attacks, such as symlink based attacks, TOCTTOU attacks The safe-path crate provides several functions and utility structures to protect against path resolution related attacks Support Operating Systems: Linux Reference filepath-securejoin: secure_join() w

Kubernetes hostPort allow services traffic interception when using kubeproxy IPVS (CVE-2019-9946) Host MITM attack via IPv6 rogue router advertisements (K8S / Docker / LXD / WSL2 / ) Bridge firewalling "bypass" using VLAN 0 Kubernetes MITM using LoadBalancer or ExternalIPs (CVE-2020-8554) Metadata service MITM allows root privilege escalation (EKS / GKE)

Safe Path A library to safely handle filesystem paths, typically for container runtimes There are often path related attacks, such as symlink based attacks, TOCTTOU attacks The safe-path crate provides several functions and utility structures to protect against path resolution related attacks Support Operating Systems: Linux Reference filepath-securejoin: secure_join() w

概览产品简介产品概念使用须知产品价格名词解释使用必读入门必读集群版本维护说明版本跟踪 126 版本说明集群管理创建集群查看集群删除集群通过 Kubectl 管理集群 kubectl 命令行简介安装及配置 kubectl 使用 web kubectl 集群更新凭证创建 PVC 创建 Service StatefulSet 示例 ku

CWE-362 https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r https://github.com/opencontainers/runc/releases http://www.openwall.com/lists/oss-security/2021/05/19/2 https://bugzilla.opensuse.org/show_bug.cgi?id=1185405 https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f https://security.netapp.com/advisory/ntap-20210708-0003/https://security.gentoo.org/glsa/202107-26 https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988768 https://nvd.nist.gov https://github.com/apps4uco/safe-path https://alas.aws.amazon.com/ALAS-2021-1499.html

CVE-2021-30465

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect