VDB
GO-2024-3110
GO-2024-3110
PUBLISHED
Can be confused to create empty files/directories on the host in github.com/opencontainers/runc
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | opencontainers/runc | 1.2.0-rc.1, 0, 0 |
Timeline
- Sep 6, 2024 CVE Published
- Feb 4, 2026 CVE Updated
References
- https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv advisory
- https://github.com/opencontainers/runc/commit/63c2908164f3a1daea455bf5bcd8d363d70328c7 patch
- https://github.com/opencontainers/runc/commit/8781993968fd964ac723ff5f360b6f259e809a3e patch
- https://github.com/opencontainers/runc/commit/f0b652ea61ff6750a8fcc69865d45a7abf37accf patch
- https://github.com/opencontainers/runc/pull/4359 patch