MGASA-2020-0050

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2019-16884
Published: 28 Jan 2020, 07:52
Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

28 Jan 2020, 07:52
Published
Vulnerability first disclosed
16 Apr 2026, 04:26
Last Modified
Vulnerability information updated

Description

Updated opencontainers-runc packages fix security vulnerability runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory (CVE-2019-16884).

Affected Systems

  • mageiaopencontainers-runc

    < 1.0.0-0.rc9.3.mga7

References (3)