CVE-2021-30465

Summary

CVE: CVE-2021-30465
State: PUBLIC
Assigner: [email protected]
Source Priority: CVE Program / NVD first with legacy fallback
Published: 2021-05-27 13:15:00 UTC
Updated: 2023-11-07 03:33:00 UTC
Description: runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

Risk And Classification

Problem Types: CWE-362

NVD Known Affected Configurations (CPE 2.3)

Type Vendor Product Version Update Edition Language
Operating System Fedoraproject Fedora 33 All All All
Operating System Fedoraproject Fedora 34 All All All
Application Linuxfoundation Runc 1.0.0 rc1 All All
Application Linuxfoundation Runc 1.0.0 rc10 All All
Application Linuxfoundation Runc 1.0.0 rc2 All All
Application Linuxfoundation Runc 1.0.0 rc3 All All
Application Linuxfoundation Runc 1.0.0 rc4 All All
Application Linuxfoundation Runc 1.0.0 rc5 All All
Application Linuxfoundation Runc 1.0.0 rc6 All All
Application Linuxfoundation Runc 1.0.0 rc7 All All
Application Linuxfoundation Runc 1.0.0 rc8 All All
Application Linuxfoundation Runc 1.0.0 rc9 All All
Application Linuxfoundation Runc 1.0.0 rc90 All All
Application Linuxfoundation Runc 1.0.0 rc91 All All
Application Linuxfoundation Runc 1.0.0 rc92 All All
Application Linuxfoundation Runc 1.0.0 rc93 All All
Application Linuxfoundation Runc 1.0.0 rc94 All All
Application Linuxfoundation Runc All All All All

References

Reference Source Link Tags
Releases · opencontainers/runc · GitHub MISC github.com
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs · Advisory · opencontainers/runc · GitHub CONFIRM github.com
[SECURITY] Fedora 33 Update: runc-1.0.0-378.rc95.fc33 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
runC: Container breakout (GLSA 202107-26) — Gentoo security GENTOO security.gentoo.org
[SECURITY] Fedora 33 Update: runc-1.0.0-378.rc95.fc33 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org
[SECURITY] [DLA 3369-1] runc security update MLIST lists.debian.org
rootfs: add mount destination validation · opencontainers/runc@0ca91f4 · GitHub MISC github.com
Bug 1185405 – VUL-0: CVE-2021-30465: runc: vulnerable to symlink-exchange attack MISC bugzilla.opensuse.org
[SECURITY] Fedora 34 Update: runc-1.0.0-378.rc95.fc34 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org
[SECURITY] Fedora 34 Update: runc-1.0.0-378.rc95.fc34 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
oss-security - CVE-2021-30465: runc <1.0.0-rc95 vulnerable to symlink-exchange attack MISC www.openwall.com
CVE-2021-30465 Opencontainers-runc Vulnerability in NetApp Products | NetApp Product Security CONFIRM security.netapp.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 159256 Oracle Enterprise Linux Security Update for container-tools:2.0 (ELSA-2021-2291)
  • 159272 Oracle Enterprise Linux Security Update for runc (ELSA-2021-9298)
  • 159273 Oracle Enterprise Linux Security Update for container-tools:3.0 (ELSA-2021-2370)
  • 159274 Oracle Enterprise Linux Security Update for container-tools:ol8 (ELSA-2021-2371)
  • 159283 Oracle Enterprise Linux Security Update for docker-engine docker-cli (ELSA-2021-15112)
  • 159293 Oracle Enterprise Linux Security Update for docker-engine docker-cli (ELSA-2021-9329)
  • 159381 Oracle Enterprise Linux Security Update for runc (ELSA-2021-14902)
  • 180379 Debian Security Update for runc (CVE-2021-30465)
  • 181640 Debian Security Update for runc (DLA 3369-1)
  • 198378 Ubuntu Security Notification for runC vulnerability (USN-4960-1)
  • 239346 Red Hat Update for runc (RHSA-2021:2145)
  • 239347 Red Hat Update for docker (RHSA-2021:2144)
  • 239352 Red Hat Update for OpenShift Container Platform 4.5.40 (RHSA-2021:2057)
  • 239357 Red Hat Update for OpenShift Container Platform 4.6.30 packages and (RHSA-2021:1566)
  • 239358 Red Hat Update for OpenShift Container Platform 4.7.12 packages and (RHSA-2021:1562)
  • 239384 Red Hat Update for container-tools:rhel8 (RHSA-2021:2371)
  • 239385 Red Hat Update for container-tools:3.0 (RHSA-2021:2370)
  • 239410 Red Hat Update for container-tools:2.0 (RHSA-2021:2292)
  • 239411 Red Hat Update for container-tools:2.0 (RHSA-2021:2291)
  • 239425 Red Hat Update for OpenShift Container Platform 3.11.452 bug fix and (RHSA-2021:2150)
  • 281122 Fedora Security Update for runc (FEDORA-2021-2eb67ba3c2)
  • 281123 Fedora Security Update for runc (FEDORA-2021-0440f235a0)
  • 352304 Amazon Linux Security Advisory for runc: ALAS-2021-1499
  • 353051 Amazon Linux Security Advisory for runc : ALAS2NITRO-ENCLAVES-2021-008
  • 353064 Amazon Linux Security Advisory for runc : ALAS2DOCKER-2021-008
  • 377121 Alibaba Cloud Linux Security Update for container-tools:rhel8 (ALINUX3-SA-2021:0034)
  • 501240 Alpine Linux Security Update for runc
  • 502105 Alpine Linux Security Update for k3s
  • 6140085 AWS Bottlerocket Security Update for runc (GHSA-f38j-qm72-5cp9)
  • 670534 EulerOS Security Update for docker-engine (EulerOS-SA-2021-2292)
  • 670765 EulerOS Security Update for docker-engine (EulerOS-SA-2021-2523)
  • 670789 EulerOS Security Update for docker-engine (EulerOS-SA-2021-2547)
  • 672866 EulerOS Security Update for docker-engine (EulerOS-SA-2023-1618)
  • 673220 EulerOS Security Update for docker-engine (EulerOS-SA-2023-2352)
  • 673225 EulerOS Security Update for docker-engine (EulerOS-SA-2023-2378)
  • 710050 Gentoo Linux runC Container breakout (GLSA 202107-26)
  • 750127 SUSE Enterprise Linux Security Update for runc (SUSE-SU-2021:1885-1)
  • 750155 SUSE Enterprise Linux Security Update for containerd, docker, runc (SUSE-SU-2021:1954-1)
  • 750648 OpenSUSE Security Update for containerd, docker, runc (openSUSE-SU-2021:0878-1)
  • 750812 OpenSUSE Security Update for containerd, docker, runc (openSUSE-SU-2021:1954-1)
  • 751272 SUSE Enterprise Linux Security Update for containerd, docker, runc (SUSE-SU-2021:3506-1)
  • 751273 OpenSUSE Security Update for containerd, docker, runc (openSUSE-SU-2021:3506-1)
  • 751303 OpenSUSE Security Update for containerd, docker, runc (openSUSE-SU-2021:1404-1)
  • 770060 Red Hat OpenShift Container Platform 4.7.12 Packages and Security Update (RHSA-2021:1562)
  • 770061 Red Hat OpenShift Container Platform 4.6.30 Packages and Security Update (RHSA-2021:1566)
  • 770062 Red Hat OpenShift Container Platform 4.5.40 Security and Bug Fix Update (RHSA-2021:2057)
  • 770092 Red Hat OpenShift Container Platform 4.7 Security Update (RHSA-2021-1562)
  • 770098 Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2021-1566)
  • 770117 Red Hat OpenShift Container Platform 4.5 Security Update (RHSA-2021-2057)
  • 940119 AlmaLinux Security Update for container-tools:rhel8 (ALSA-2021:2371)
  • 940303 AlmaLinux Security Update for container-tools:2.0 (ALSA-2021:2291)
  • 940347 AlmaLinux Security Update for container-tools:3.0 (ALSA-2021:2370)
  • 960017 Rocky Linux Security Update for container-tools:3.0 (RLSA-2021:2370)
  • 960060 Rocky Linux Security Update for container-tools:rhel8 (RLSA-2021:2371)
  • 960089 Rocky Linux Security Update for container-tools:2.0 (RLSA-2021:2291)
  • 982011 Go (go) Security Update for github.com/opencontainers/runc (GHSA-c3xm-pvg7-gh7r)