runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.
Find out more about CVE-2023-28642 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
Product Name | Status | Defect | Fixed | Downloads |
---|---|---|---|---|
Linux | ||||
Wind River Linux LTS 17 | Requires LTSS | -- | -- | -- |
Wind River Linux 8 | Not Vulnerable | -- | -- | -- |
Wind River Linux 9 | Requires LTSS | -- | -- | -- |
Wind River Linux 7 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 21 | Fixed |
LIN1021-5534 |
10.21.20.18 | -- |
Wind River Linux LTS 22 | Fixed |
LIN1022-3802 |
10.22.33.8 | -- |
Wind River Linux LTS 18 | Fixed |
LIN1018-10524 |
10.18.44.30 | -- |
Wind River Linux LTS 19 | Fixed |
LIN1019-9633 |
10.19.45.28 | -- |
Wind River Linux CD release | Not Vulnerable | -- | -- | -- |
Wind River Linux 6 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 23 | Fixed |
LIN1023-97 |
10.23.30.1 | -- |
VxWorks | ||||
VxWorks 7 | Not Vulnerable | -- | -- | -- |
VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
Helix Virtualization Platform Cert Edition | ||||
Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
Product Name | Status | Defect | Fixed | Downloads |
---|