Information disclosure vulnerability in RunC when running as root userID: oval:org.secpod.oval:def:42573 | Date: (C)2017-10-27 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
The host is installed with RunC on Ubuntu 17.04 or 17.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the container. Successful exploitation could allow attackers to gain access to file-descriptors of new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
Platform: |
Ubuntu 16.04 |
Ubuntu 17.04 |
Ubuntu 17.10 |