CVE-2023-28642

CWE-281 CWE-59 CWE-30512 documents8 sources

Severity

7.8HIGH

EPSS

0.0%

top 98.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opencontainers Runc Github.com Opencontainers/runc Linuxfoundation Runc

Timeline

PublishedMar 29

Latest updateAug 20

Description

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.7

Affected Packages4 packages

▶CVEListV5opencontainers/runc< 1.1.5

▶Gogithub.com/opencontainers/runc< 1.1.5

▶NVDlinuxfoundation/runc< 1.1.5

▶Debianrunc< 1.0.0~rc93+ds1-5+deb11u5+3

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

AppArmor bypass with symlinked /proc in github.com/opencontainers/runc↗2024-08-20

▶

OSV

runc vulnerabilities↗2023-05-18

▶

GHSA

runc AppArmor bypass with symlinked /proc↗2023-03-30

▶

OSV

runc AppArmor bypass with symlinked /proc↗2023-03-30

▶

OSV

CVE-2023-28642: runc is a CLI tool for spawning and running containers according to the OCI specification↗2023-03-29

▶

📋Vendor Advisories

Ubuntu

runC vulnerabilities↗2023-05-23

▶

Ubuntu

runC vulnerabilities↗2023-05-18

▶

Red Hat

runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration↗2023-03-29

▶

Microsoft

AppArmor bypass with symlinked /proc in runc↗2023-03-14

▶

Debian

CVE-2023-28642: runc - runc is a CLI tool for spawning and running containers according to the OCI spec...↗2023

▶