CVE-2023-27561

CWE-706 — Use of Incorrectly-Resolved Name CWE-41 CWE-281 CWE-5913 documents8 sources

Severity

7.0HIGH

EPSS

0.1%

top 64.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Opencontainers/runc Linuxfoundation Runc Debian Debian Linux +2 more

Timeline

PublishedMar 3

Latest updateAug 20

Description

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages4 packages

▶Gogithub.com/opencontainers/runc1.0.0-rc95 — 1.1.5

▶NVDlinuxfoundation/runc< 1.1.5

▶Debianrunc< 1.0.0~rc93+ds1-5+deb11u5+3

▶Ubunturunc< 1.1.4-0ubuntu1~18.04.2+2

Also affects: Debian Linux 10.0, Enterprise Linux 8.0, 9.0, Openshift Container Platform 4.0

🔴Vulnerability Details

OSV

Opencontainers runc Incorrect Authorization vulnerability in github.com/opencontainers/runc↗2024-08-20

▶

OSV

runc vulnerabilities↗2023-05-18

▶

GHSA

runc AppArmor bypass with symlinked /proc↗2023-03-30

▶

OSV

CVE-2023-27561: runc through 1↗2023-03-03

▶

OSV

Opencontainers runc Incorrect Authorization vulnerability↗2023-03-03

▶

📋Vendor Advisories

Ubuntu

runC vulnerabilities↗2023-05-23

▶

Ubuntu

runC vulnerabilities↗2023-05-18

▶

Microsoft

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges related to libcontainer/rootfs_linux.go. To exploit this an attacker must be able to spawn two containers with custo↗2023-03-14

▶

Red Hat

runc: volume mount race condition (regression of CVE-2019-19921)↗2023-02-20

▶

Debian

CVE-2023-27561: runc - runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privile...↗2023

▶