update: containers-common #1563

Closed
dongsupark opened this issue Oct 14, 2024 · 0 comments · Fixed by flatcar/scripts#2388
Labels: advisory (security advisory), cvss/MEDIUM (>= 4 && < 7 assessed CVSS), security (security concerns)

Comments

@dongsupark
Member

Name: containers-common
CVEs: CVE-2024-9341
CVSSs: 5.4
Action Needed: update to >= 0.60.4

Summary: A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.

refmap.gentoo: https://bugs.gentoo.org/941218
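
The summary above describes symbolic links inside a container's filesystem steering a mount source to a host directory. The following is an added illustration of that class of flaw and of a containment check. It is not code from containers/common or from its fix, and the function names and the sample directory tree are hypothetical:

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var ErrEscapesRoot = errors.New("path resolves outside container root")

// naiveResolve follows symlinks using the host's view of the filesystem, so a
// link planted inside the image can make the result point at a host directory.
func naiveResolve(rootfs, p string) (string, error) {
	return filepath.EvalSymlinks(filepath.Join(rootfs, p))
}

// checkedResolve resolves the same way but rejects any result outside rootfs.
// Check-then-use is racy if the rootfs can change concurrently; this is a
// validation gate for illustration, not a replacement for scoped resolution.
func checkedResolve(rootfs, p string) (string, error) {
	root, err := filepath.EvalSymlinks(rootfs)
	if err != nil {
		return "", err
	}
	resolved, err := filepath.EvalSymlinks(filepath.Join(root, p))
	if err != nil {
		return "", err
	}
	rel, err := filepath.Rel(root, resolved)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q -> %q", ErrEscapesRoot, p, resolved)
	}
	return resolved, nil
}

func main() {
	// Constructed sample: a rootfs whose /etc/policy links to a "host" directory.
	tmp, _ := os.MkdirTemp("", "demo")
	defer os.RemoveAll(tmp)
	rootfs := filepath.Join(tmp, "rootfs")
	os.MkdirAll(filepath.Join(rootfs, "etc"), 0o755)
	os.MkdirAll(filepath.Join(tmp, "host", "secret"), 0o755)
	os.Symlink(filepath.Join(tmp, "host", "secret"), filepath.Join(rootfs, "etc", "policy"))
	n, _ := naiveResolve(rootfs, "/etc/policy")
	_, err := checkedResolve(rootfs, "/etc/policy")
	fmt.Println("naive:", n, "| checked:", err)
}
```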
