Vulnerabilities > CVE-2019-16884 - Incorrect Authorization vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE network
low complexity
linuxfoundation
docker
fedoraproject
opensuse
redhat
canonical
CWE-863
nessus
Summary
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1234.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1234 advisory. - runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) - containers/image: Container images read entire image manifest into memory (CVE-2020-1702) - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-01 plugin id 135084 published 2020-04-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135084 title RHEL 7 : docker (RHSA-2020:1234) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1234. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135084); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/14"); script_cve_id("CVE-2019-16884", "CVE-2020-1702", "CVE-2020-8945"); script_xref(name:"RHSA", value:"2020:1234"); script_name(english:"RHEL 7 : docker (RHSA-2020:1234)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing one or more security updates."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1234 advisory. - runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) - containers/image: Container images read entire image manifest into memory (CVE-2020-1702) - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/41.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/400.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/416.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1234"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-16884"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-1702"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-8945"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1784228"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1795376"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1796451"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8945"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(41, 400, 416); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/01"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_extras_other:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-logrotate"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-lvm-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-novolume-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-rhel-push-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-v1.10-migrator"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'docker-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-client-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-client-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-common-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-common-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-logrotate-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-logrotate-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-lvm-plugin-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-lvm-plugin-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-novolume-plugin-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-novolume-plugin-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-rhel-push-plugin-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-rhel-push-plugin-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'}, {'reference':'docker-v1.10-migrator-1.13.1-161.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'epoch':'2'}, {'reference':'docker-v1.10-migrator-1.13.1-161.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'epoch':'2'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_spec_vers_cmp) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++; } else { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++; } } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'docker / docker-client / docker-common / etc'); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2810-1.NASL description This update for runc fixes the following issues : Security issue fixed : CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) Non-security issues fixed: Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 130391 published 2019-10-30 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130391 title SUSE SLES15 Security Update : runc (SUSE-SU-2019:2810-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:2810-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(130391); script_version("1.3"); script_cvs_date("Date: 2019/12/17"); script_cve_id("CVE-2019-16884"); script_name(english:"SUSE SLES15 Security Update : runc (SUSE-SU-2019:2810-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for runc fixes the following issues : Security issue fixed : CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) Non-security issues fixed: Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1131314" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1131553" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1152308" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-16884/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20192810-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4a2ab83b" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2810=1 SUSE Linux Enterprise Module for Containers 15-SP1:zypper in -t patch SUSE-SLE-Module-Containers-15-SP1-2019-2810=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:runc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:runc-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/10/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"1", reference:"runc-1.0.0~rc8-1.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"runc-debuginfo-1.0.0~rc8-1.6.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "runc"); }NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-2_0-0241_DOCKER.NASL description An update of the docker package has been released. last seen 2020-05-18 modified 2020-05-13 plugin id 136568 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136568 title Photon OS 2.0: Docker PHSA-2020-2.0-0241 code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2020-2.0-0241. The text # itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(136568); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/15"); script_cve_id("CVE-2019-16884"); script_name(english:"Photon OS 2.0: Docker PHSA-2020-2.0-0241"); script_set_attribute(attribute:"synopsis", value: "The remote PhotonOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "An update of the docker package has been released."); script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-2-241.md"); script_set_attribute(attribute:"solution", value: "Update the affected Linux packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16884"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2020/05/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/13"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:docker"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; if (rpm_check(release:"PhotonOS-2.0", cpu:"x86_64", reference:"docker-18.06.2-10.ph2")) flag++; if (rpm_check(release:"PhotonOS-2.0", cpu:"x86_64", reference:"docker-doc-18.06.2-10.ph2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "docker"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2418.NASL description This update for docker-runc fixes the following issues : - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 130448 published 2019-11-01 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130448 title openSUSE Security Update : docker-runc (openSUSE-2019-2418) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-2418. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(130448); script_version("1.3"); script_cvs_date("Date: 2019/12/17"); script_cve_id("CVE-2019-16884"); script_name(english:"openSUSE Security Update : docker-runc (openSUSE-2019-2418)"); script_summary(english:"Check for the openSUSE-2019-2418 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for docker-runc fixes the following issues : - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1152308" ); script_set_attribute( attribute:"solution", value:"Update the affected docker-runc packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-runc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-runc-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/10/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp150.5.28.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-lp150.5.28.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "docker-runc / docker-runc-debuginfo"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3940.NASL description An update for runc is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat last seen 2020-06-01 modified 2020-06-02 plugin id 131217 published 2019-11-22 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131217 title RHEL 8 : OpenShift Container Platform 4.1.24 runc (RHSA-2019:3940) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:3940. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(131217); script_version("1.2"); script_cvs_date("Date: 2019/12/09"); script_cve_id("CVE-2019-16884"); script_xref(name:"RHSA", value:"2019:3940"); script_name(english:"RHEL 8 : OpenShift Container Platform 4.1.24 runc (RHSA-2019:3940)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "An update for runc is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the runC container image for Red Hat OpenShift Container Platform 4.1.24. The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides a container runtime. Security Fix(es) : * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at the /proc directory (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3940" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16884" ); script_set_attribute(attribute:"solution", value:"Update the affected runc package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:runc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 8.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:3940"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"runc-1.0.0-62.rc8.rhaos4.1.git3cbe540.el8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "runc"); } }NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2786-1.NASL description This update for docker-runc fixes the following issues : CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 130345 published 2019-10-28 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130345 title SUSE SLED15 / SLES15 Security Update : docker-runc (SUSE-SU-2019:2786-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:2786-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(130345); script_version("1.3"); script_cvs_date("Date: 2019/12/17"); script_cve_id("CVE-2019-16884"); script_name(english:"SUSE SLED15 / SLES15 Security Update : docker-runc (SUSE-SU-2019:2786-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for docker-runc fixes the following issues : CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1152308" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-16884/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20192786-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?64c20836" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2786=1 SUSE Linux Enterprise Module for Containers 15-SP1:zypper in -t patch SUSE-SLE-Module-Containers-15-SP1-2019-2786=1 SUSE Linux Enterprise Module for Containers 15:zypper in -t patch SUSE-SLE-Module-Containers-15-2019-2786=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:docker-runc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:docker-runc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:docker-runc-kubic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:docker-runc-kubic-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/10/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"1", reference:"docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"docker-runc-kubic-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"docker-runc-kubic-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.24.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "docker-runc"); }NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-1_0-0292_DOCKER.NASL description An update of the docker package has been released. last seen 2020-05-18 modified 2020-05-13 plugin id 136552 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136552 title Photon OS 1.0: Docker PHSA-2020-1.0-0292 code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2020-1.0-0292. The text # itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(136552); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/15"); script_cve_id("CVE-2019-13139", "CVE-2019-13509", "CVE-2019-16884"); script_bugtraq_id(109253); script_name(english:"Photon OS 1.0: Docker PHSA-2020-1.0-0292"); script_set_attribute(attribute:"synopsis", value: "The remote PhotonOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "An update of the docker package has been released."); script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-1.0-292.md"); script_set_attribute(attribute:"solution", value: "Update the affected Linux packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16884"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/18"); script_set_attribute(attribute:"patch_publication_date", value:"2020/05/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/13"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:docker"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; if (rpm_check(release:"PhotonOS-1.0", cpu:"x86_64", reference:"docker-18.09.9-2.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", cpu:"x86_64", reference:"docker-doc-18.09.9-2.ph1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "docker"); }NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-3_0-0088_DOCKER.NASL description An update of the docker package has been released. last seen 2020-05-18 modified 2020-05-13 plugin id 136576 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136576 title Photon OS 3.0: Docker PHSA-2020-3.0-0088 code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2020-3.0-0088. The text # itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(136576); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/15"); script_cve_id("CVE-2019-16884"); script_name(english:"Photon OS 3.0: Docker PHSA-2020-3.0-0088"); script_set_attribute(attribute:"synopsis", value: "The remote PhotonOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "An update of the docker package has been released."); script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-3.0-88.md"); script_set_attribute(attribute:"solution", value: "Update the affected Linux packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16884"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2020/05/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/13"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:docker"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:3.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 3\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 3.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"docker-18.06.2-12.ph3")) flag++; if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"docker-doc-18.06.2-12.ph3")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "docker"); }NASL family Fedora Local Security Checks NASL id FEDORA_2019-BD4843561C.NASL description Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129702 published 2019-10-08 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129702 title Fedora 31 : 2:runc (2019-bd4843561c) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2019-bd4843561c. # include("compat.inc"); if (description) { script_id(129702); script_version("1.3"); script_cvs_date("Date: 2019/12/19"); script_cve_id("CVE-2019-16884"); script_xref(name:"FEDORA", value:"2019-bd4843561c"); script_name(english:"Fedora 31 : 2:runc (2019-bd4843561c)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-bd4843561c" ); script_set_attribute( attribute:"solution", value:"Update the affected 2:runc package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:runc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:31"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/10/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^31([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 31", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC31", reference:"runc-1.0.0-101.rc9.gitc1485a1.fc31", epoch:"2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:runc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-45.NASL description This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Security issue fixed : - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308). Bug fixes : - Update to Docker 19.03.5-ce (bsc#1158590). - Update to Docker 19.03.3-ce (bsc#1153367). - Update to Docker 19.03.2-ce (bsc#1150397). - Fixed default installation such that --userns-remap=default works properly (bsc#1143349). - Fixed nginx blocked by apparmor (bsc#1122469). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 132914 published 2020-01-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132914 title openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2020-45) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2020-45. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(132914); script_version("1.2"); script_cvs_date("Date: 2020/01/17"); script_cve_id("CVE-2019-16884"); script_name(english:"openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2020-45)"); script_summary(english:"Check for the openSUSE-2020-45 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Security issue fixed : - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308). Bug fixes : - Update to Docker 19.03.5-ce (bsc#1158590). - Update to Docker 19.03.3-ce (bsc#1153367). - Update to Docker 19.03.2-ce (bsc#1150397). - Fixed default installation such that --userns-remap=default works properly (bsc#1143349). - Fixed nginx blocked by apparmor (bsc#1122469). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122469" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1143349" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1150397" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1152308" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1153367" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1158590" ); script_set_attribute( attribute:"solution", value:"Update the affected containerd / docker / docker-runc / etc packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:containerd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:containerd-ctr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-libnetwork"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-libnetwork-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-runc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-runc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-test-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:docker-zsh-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:golang-github-docker-libnetwork"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/15"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.1", reference:"containerd-1.2.10-lp151.2.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"containerd-ctr-1.2.10-lp151.2.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-19.03.5_ce-lp151.2.15.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-bash-completion-19.03.5_ce-lp151.2.15.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-debuginfo-19.03.5_ce-lp151.2.15.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-lp151.2.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-libnetwork-debuginfo-0.7.0.1+gitr2877_3eb39382bfa6-lp151.2.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-runc-1.0.0rc8+gitr3917_3e425f80a8c9-lp151.3.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-runc-debuginfo-1.0.0rc8+gitr3917_3e425f80a8c9-lp151.3.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-test-19.03.5_ce-lp151.2.15.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-test-debuginfo-19.03.5_ce-lp151.2.15.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"docker-zsh-completion-19.03.5_ce-lp151.2.15.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"golang-github-docker-libnetwork-0.7.0.1+gitr2877_3eb39382bfa6-lp151.2.9.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "containerd / containerd-ctr / docker-runc / docker-runc-debuginfo / etc"); }NASL family Fedora Local Security Checks NASL id FEDORA_2019-96946C39DD.NASL description Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129952 published 2019-10-16 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129952 title Fedora 30 : 2:runc (2019-96946c39dd) NASL family Fedora Local Security Checks NASL id FEDORA_2019-3FC86A518B.NASL description Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129951 published 2019-10-16 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129951 title Fedora 29 : 2:runc (2019-3fc86a518b) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-4269.NASL description From Red Hat Security Advisory 2019:4269 : An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318) * backport json-file logging support to 1.4.2 (BZ#1770176) * Selinux won last seen 2020-06-01 modified 2020-06-02 plugin id 132667 published 2020-01-06 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132667 title Oracle Linux 8 : container-tools:ol8 (ELSA-2019-4269) (Ping Flood) (Reset Flood) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-4269.NASL description An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318) * backport json-file logging support to 1.4.2 (BZ#1770176) * Selinux won last seen 2020-05-23 modified 2019-12-18 plugin id 132234 published 2019-12-18 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132234 title RHEL 8 : container-tools:rhel8 (RHSA-2019:4269) (Ping Flood) (Reset Flood) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0035-1.NASL description This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Security issue fixed : CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308). Bug fixes: Update to Docker 19.03.5-ce (bsc#1158590). Update to Docker 19.03.3-ce (bsc#1153367). Update to Docker 19.03.2-ce (bsc#1150397). Fixed default installation such that --userns-remap=default works properly (bsc#1143349). Fixed nginx blocked by apparmor (bsc#1122469). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 132743 published 2020-01-09 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132743 title SUSE SLED15 / SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2020:0035-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4297-1.NASL description It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-16884) It was discovered that runC incorrectly performed access control. An attacker could possibly use this issue to escalate privileges. (CVE-2019-19921). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2020-03-10 plugin id 134367 published 2020-03-10 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134367 title Ubuntu 18.04 LTS / 19.10 : runc vulnerabilities (USN-4297-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-202003-21.NASL description The remote host is affected by the vulnerability described in GLSA-202003-21 (runC: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in runC. Please review the CVE identifiers referenced below for details. Impact : An attacker, by running a malicious Docker image, could escape the container, bypass security restrictions, escalate privileges or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-03-19 modified 2020-03-16 plugin id 134598 published 2020-03-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134598 title GLSA-202003-21 : runC: Multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-4074.NASL description An update for runc is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat last seen 2020-06-01 modified 2020-06-02 plugin id 131678 published 2019-12-04 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131678 title RHEL 8 : OpenShift Container Platform 4.2 runc (RHSA-2019:4074) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2434.NASL description This update for docker-runc fixes the following issues : - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 130577 published 2019-11-06 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130577 title openSUSE Security Update : docker-runc (openSUSE-2019-2434)
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- https://github.com/opencontainers/runc/issues/2128
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html
- https://access.redhat.com/errata/RHSA-2019:3940
- https://access.redhat.com/errata/RHSA-2019:4074
- https://access.redhat.com/errata/RHSA-2019:4269
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html
- https://security.gentoo.org/glsa/202003-21
- https://usn.ubuntu.com/4297-1/
- https://security.netapp.com/advisory/ntap-20220221-0004/
- https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html
- https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/