vulnerability
Rocky Linux: CVE-2019-19921: container-tools-rhel8 (RLSA-2020-1650)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Feb 12, 2020 | Mar 12, 2024 | Aug 13, 2025 |
Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
Feb 12, 2020
Added
Mar 12, 2024
Modified
Aug 13, 2025
Description
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
Solutions
rocky-upgrade-critrocky-upgrade-criurocky-upgrade-criu-debuginforocky-upgrade-criu-debugsourcerocky-upgrade-python3-criurocky-upgrade-runcrocky-upgrade-runc-debuginforocky-upgrade-runc-debugsourcerocky-upgrade-slirp4netnsrocky-upgrade-slirp4netns-debuginforocky-upgrade-slirp4netns-debugsource
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.