VDB
GO-2023-1738
GO-2023-1738
PUBLISHED
Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer in github.com/apptainer/apptainer
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | apptainer/apptainer | 0, 0 |
Timeline
- Aug 20, 2024 CVE Published
- Mar 3, 2026 CVE Updated
- May 1, 2026 Security Advisory
References
- https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-30549 advisory
- https://github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7 patch
- https://access.redhat.com/security/cve/cve-2022-1184 url
- https://github.com/apptainer/apptainer/releases/tag/v1.1.8 url
- https://github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303 url
- https://github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f url
- https://github.com/torvalds/linux/commit/61a1d87a324ad5e3ed27c6699dfc93218fcf3201 url
- https://github.com/torvalds/linux/commit/65f8ea4cd57dbd46ea13b41dc8bac03176b04233 url
- https://lwn.net/Articles/932136 url
- https://lwn.net/Articles/932137 url
- https://nvd.nist.gov/vuln/detail/CVE-2022-1184 url
- https://security-tracker.debian.org/tracker/CVE-2022-1184 url
- https://security.gentoo.org/glsa/202311-13 url
- https://sylabs.io/2023/04/response-to-cve-2023-30549 url
- https://ubuntu.com/security/CVE-2022-1184 url
- https://www.suse.com/security/cve/CVE-2022-1184.html url