virus logo FortiClient Vulnerability

runc: not using pivot_root allows mounting of /proc

description-logoDescription

Not using pivot_root(2) leaves the host /proc around in the mount namespace so that it is possible to mount another /proc without any other submount, even if /proc in the container is not fully visible. This flaw allows an attacker to read and modify some parts of the Linux kernel memory.

affected-products-logoAffected Applications

runc

Other References

https://bugzilla.redhat.com/show_bug.cgi?id=1663068
ID 56587
Created Feb 22, 2023
Description
Updated		 Feb 22, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Fedora
Patch auto
Application runc