Vulnerabilities > CVE-2018-16359 - Unspecified vulnerability in Google Gvisor

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

COMPLETE

Availability impact

NONE

network

google

NVD

Published: 2018-09-02

Updated: 2019-10-03

Summary

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Gvisor *	1

References

https://bugs.chromium.org/p/project-zero/issues/detail?id=1632
https://github.com/google/gvisor/commit/001a4c2493b13a43d62c7511fb509a959ae4abc2