CVE-2023-28642
AppArmor bypass with symlinked /proc in github.com/opencontainers/runc
CVSS 3.1 base score 6.1 (MEDIUM); EPSS 0.01%
Description
runc is a CLI tool for spawning and running containers according to the OCI specification. AppArmor confinement can be bypassed when `/proc` inside the container is a symlink combined with a specific mount configuration, so the profile the runtime intends to apply is not in effect for the container. This issue is fixed in runc 1.1.5, which refuses to start a container whose `/proc` is symlinked; see PR #3785 for details. Users are advised to upgrade. Users unable to upgrade should avoid running untrusted container images, since a symlinked `/proc` has to come from the container's own filesystem layout.
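The precondition above (a `/proc` that is a symlink rather than a real directory) can be checked before an image is handed to a runtime that predates the fix. The following pre-flight check is an added example written for this page, not runc's own code or the patch from PR #3785: it takes an unpacked rootfs and the `mounts` array of an OCI `config.json`, and walks every proc-type mount destination component by component with `lstat` so that a symlink is reported instead of followed. Refusing a symlink at `/proc` itself mirrors the rule runc 1.1.5 enforces as described above; also flagging a symlinked parent component (a destination such as `/a/proc` where `a` is a symlink) is this example's own extension, as is the throwaway rootfs and the config fragment, both constructed here for demonstration.

```python
"""Pre-flight check for the CVE-2023-28642 precondition: a container rootfs
whose /proc (or a parent of the proc mount point) is a symlink.

Added example, not runc code. It mirrors the check runc 1.1.5 performs
(refusing a symlinked /proc) as a standalone tool to run against an unpacked
image rootfs before starting it on an unpatched runtime.
"""
import json
import os
import stat
import tempfile


def proc_mount_destinations(oci_config: dict) -> list:
    """Return the destination paths of all proc-type mounts in an OCI config.

    OCI config.json lists mounts under "mounts"; a procfs mount has type
    "proc". A config without any proc mount yields an empty list.
    """
    return [
        m["destination"]
        for m in oci_config.get("mounts", [])
        if m.get("type") == "proc"
    ]


def check_symlinked_proc(rootfs: str, oci_config: dict) -> list:
    """Return a list of findings; an empty list means no symlinked proc path.

    Each component of every proc mount destination is inspected with lstat,
    so a symlink at /proc itself (e.g. proc -> tmp/fake) or at one of its
    parent directories is reported rather than silently resolved.
    """
    findings = []
    for dest in proc_mount_destinations(oci_config):
        current = rootfs
        for part in dest.strip("/").split("/"):
            if not part:
                continue
            current = os.path.join(current, part)
            try:
                st = os.lstat(current)
            except FileNotFoundError:
                # A missing mount point is created by the runtime; nothing here
                # can be a symlink, so stop walking this destination.
                break
            if stat.S_ISLNK(st.st_mode):
                target = os.readlink(current)
                findings.append(
                    f"{dest}: component {current!r} is a symlink to {target!r}"
                )
                break
            if not stat.S_ISDIR(st.st_mode):
                findings.append(f"{dest}: component {current!r} is not a directory")
                break
    return findings


def build_demo_rootfs(symlinked: bool) -> str:
    """Build a throwaway rootfs for the demo (constructed data, not a real image).

    With symlinked=True, /proc is a symlink to tmp/fake, the layout this CVE
    depends on; otherwise /proc is an ordinary empty directory.
    """
    rootfs = tempfile.mkdtemp(prefix="rootfs-")
    os.makedirs(os.path.join(rootfs, "tmp", "fake"))
    if symlinked:
        os.symlink("tmp/fake", os.path.join(rootfs, "proc"))
    else:
        os.mkdir(os.path.join(rootfs, "proc"))
    return rootfs


# Constructed config.json fragment: only the proc mount that runtimes normally emit.
DEMO_CONFIG = json.loads(
    '{"mounts": [{"destination": "/proc", "type": "proc", "source": "proc"}]}'
)

if __name__ == "__main__":
    for flag in (False, True):
        rootfs = build_demo_rootfs(symlinked=flag)
        result = check_symlinked_proc(rootfs, DEMO_CONFIG)
        print(f"symlinked={flag}: {result or 'OK'}")
```

Against a real image, point `check_symlinked_proc` at the directory the image was unpacked into and pass `json.load(open("config.json"))` as the config; any non-empty result is a reason not to run that image on a runc older than 1.1.5.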
How to fix CVE-2023-28642
To remediate CVE-2023-28642, upgrade the affected package to a fixed version below.
- Debian 11 (bullseye) runc package: upgrade to 1.0.0~rc93+ds1-5+deb11u5 or later
- upgrade to 1.1.5 or later
- upgrade to 1.1.5 or later
Is CVE-2023-28642 being exploited?
Low. EPSS is 0.01%, which is the model's estimated probability that this vulnerability is exploited in the wild within the next 30 days; a score that low indicates no exploitation activity observed at scale. This is consistent with the vector: exploitation requires local access (AV:L) and user interaction (UI:R), in practice getting an attacker-controlled image run on the host.
Affected packages (3)
- Debian 11 (bullseye) runc package: all versions before 1.0.0~rc93+ds1-5+deb11u5
- all versions before 1.1.5
- all versions before 1.1.5
CVSS scores
| Source | Version | Severity | Score | Vector |
|---|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM | 6.1 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |