CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
AI Score
Confidence
Low
runc can be confused to create empty files/directories on the host in github.com/opencontainers/runc
github.com/opencontainers/runc/commit/63c2908164f3a1daea455bf5bcd8d363d70328c7
github.com/opencontainers/runc/commit/8781993968fd964ac723ff5f360b6f259e809a3e
github.com/opencontainers/runc/commit/f0b652ea61ff6750a8fcc69865d45a7abf37accf
github.com/opencontainers/runc/pull/4359
github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv
nvd.nist.gov/vuln/detail/CVE-2024-45310