crun-1.27-1.el9_7
エラータID: AXSA:2026-411:02
リリース日:
2026/04/07 Tuesday - 21:24
題名:
crun-1.27-1.el9_7
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- crun には、ローカルの攻撃者により、特権昇格を可能とする
脆弱性が存在します。(CVE-2026-30892)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2026-30892
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the `crun exec` option `-u` (`--user`) is incorrectly parsed. The value `1` is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected. Version 1.27 patches the issue.
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the `crun exec` option `-u` (`--user`) is incorrectly parsed. The value `1` is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected. Version 1.27 patches the issue.
追加情報:
N/A
ダウンロード:
SRPMS
- crun-1.27-1.el9_7.src.rpm
MD5: b0796af03e8b023f98549bc406c5a77b
SHA-256: 00eee941341f024508b3873c2fcd9349befebb99dba3d53353b1fe2091d4ba41
Size: 880.88 kB
Asianux Server 9 for x86_64
- crun-1.27-1.el9_7.x86_64.rpm
MD5: 11c38968b2b7ca82b98638c89a503591
SHA-256: 842a673e267f6b3758527317aa1a70ba044a0c13cb32bec9511e6a0183c8b70f
Size: 255.51 kB
English