adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cve-2024-21626 review

Browse Source
This commit is contained in:
h00die
2024-02-02 16:27:02 -05:00
parent 1c73cf938f
commit cf2f76e6a2
2 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/modules/exploit/linux/local/runc_cwd_priv_esc.md
+2 -2
View File
@@ -2,7 +2,7 @@
All versions of runc <=1.1.11, as used by containerization technologies such as Docker engine,
and Kubernetes are vulnerable to an arbitrary file write.
Due to a file descriptor leak it is possible to mount the the host file system
Due to a file descriptor leak it is possible to mount the host file system
with the permissions of runc (typically root).
Successfully tested on Ubuntu 22.04 with runc 1.1.7-0ubuntu1~22.04.1 using Docker build.
@@ -22,7 +22,7 @@ Successfully tested on Ubuntu 22.04 with runc 1.1.7-0ubuntu1~22.04.1 using Docke
## DOCKERIMAGE
A docker image to use, docker image must have linux commands
avaialble (`scratch` won't work). Defaults to `alpine:latest`
available (`scratch` won't work). Defaults to `alpine:latest`
## FILEDESCRIPTOR