Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions.
{ "binaries": [ { "binary_name": "golang-github-opencontainers-runc-dev", "binary_version": "1.1.4-0ubuntu1~18.04.2+esm1" }, { "binary_name": "runc", "binary_version": "1.1.4-0ubuntu1~18.04.2+esm1" }, { "binary_name": "runc-dbgsym", "binary_version": "1.1.4-0ubuntu1~18.04.2+esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "golang-github-opencontainers-runc-dev", "binary_version": "1.1.7-0ubuntu1~20.04.2" }, { "binary_name": "runc", "binary_version": "1.1.7-0ubuntu1~20.04.2" }, { "binary_name": "runc-dbgsym", "binary_version": "1.1.7-0ubuntu1~20.04.2" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "golang-github-opencontainers-runc-dev", "binary_version": "1.1.7-0ubuntu1~22.04.2" }, { "binary_name": "runc", "binary_version": "1.1.7-0ubuntu1~22.04.2" }, { "binary_name": "runc-dbgsym", "binary_version": "1.1.7-0ubuntu1~22.04.2" } ], "availability": "No subscription required" }