SUSE-SU-2023:2003-1 -- SLES runcID: oval:org.secpod.oval:def:89048758 | Date: (C)2023-06-02 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for runc fixes the following issues: Update to runc v1.1.5: Security fixes: * CVE-2023-25809: Fixed rootless `/sys/fs/cgroup` is writable when cgroupns isn"t unshared . * CVE-2023-27561: Fixed regression that reintroduced CVE-2019-19921 vulnerability . * CVE-2023-28642: Fixed AppArmor/SELinux bypass with symlinked /proc . Other fixes: * Fix the inability to use `/dev/null` when inside a container. * Fix changing the ownership of host"s `/dev/null` caused by fd redirection . * Fix rare runc exec/enter unshare error on older kernels. * nsexec: Check for errors in `write_log`. * Drop version-specific Go requirement.
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Server 15 SP1 |