CVE-2023-27561: runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must…

high7CVSS 3.1

AVLACHPRLUINSUCHIHAH

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

Affected

22 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	runc	< runc 1.1.5+ds1-1 (bookworm)	runc 1.1.5+ds1-1 (bookworm)
github.com	opencontainers_runc	>= 0 < 1.1.5	1.1.5
github.com	opencontainers_runc	>= 1.0.0-rc95 < 1.1.5	1.1.5
linuxfoundation	runc	< 1.1.5	1.1.5
linuxfoundation	runc	>= 0 < 1.0.0~rc93+ds1-5+deb11u5	1.0.0~rc93+ds1-5+deb11u5
linuxfoundation	runc	>= 0 < 1.1.5+ds1-1	1.1.5+ds1-1
linuxfoundation	runc	>= 0 < 1.1.5+ds1-1	1.1.5+ds1-1
linuxfoundation	runc	>= 0 < 1.1.5+ds1-1	1.1.5+ds1-1
linuxfoundation	runc	>= 0 < 1.1.4-0ubuntu1~18.04.2	1.1.4-0ubuntu1~18.04.2
linuxfoundation	runc	>= 0 < 1.1.4-0ubuntu1~20.04.3	1.1.4-0ubuntu1~20.04.3
linuxfoundation	runc	>= 0 < 1.1.4-0ubuntu1~22.04.3	1.1.4-0ubuntu1~22.04.3
linuxfoundation	runc	>= 0 < 1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4+esm4	1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4+esm4
msrc	cbl2_moby-runc_1.1.5-1_on_cbl_mariner_2.0	—	—
msrc	cbl_mariner_1.0_arm	—	—
msrc	cbl_mariner_1.0_x64	—	—
msrc	cbl_mariner_2.0_arm	—	—
msrc	cbl_mariner_2.0_x64	—	—
msrc	cm1_moby-runc_1.1.5+azure-1_on_cbl_mariner_1.0	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux	—	—
redhat	openshift_container_platform	—	—

CVSS provenance

nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

ghsa7.0HIGH

osv7.0HIGH