Nixpkgs Security Tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Dismissed
(browse all)
Permalink CVE-2024-5154
updated 1 year, 1 month ago by @LeSuisse Activity log
  • Created automatic suggestion 1 year, 1 month ago
  • @fricklerhandwerk accepted 1 year, 1 month ago
  • @fricklerhandwerk marked as untriaged 1 year, 1 month ago
  • @fricklerhandwerk accepted 1 year, 1 month ago
  • @LeSuisse dismissed 1 year, 1 month ago
Cri-o: malicious container can create symlink on host

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.

Affected products

cri-o
  • <1.30.1
  • <1.28.7
  • *
  • <1.29.5
rhcos
  • *
conman
conmon
kernel
  • *
openshift
  • *
container-tools:rhel8/podman

Matching in nixpkgs

pkgs.cri-o

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.cri-o-unwrapped

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

Package maintainers