CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2713 – Improper File Permission Handling in Google gVisor runsc
https://notcve.org/view.php?id=CVE-2025-2713
28 Mar 2025 — Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork. • https://github.com/google/gvisor/commit/586c38d70081b13b2ed494cef48e99b93956843e • CWE-269: Improper Privilege Management •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10603
https://notcve.org/view.php?id=CVE-2024-10603
30 Jan 2025 — Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances. • https://github.com/google/gvisor/commit/5d2bf2546805afa09a6f6d9b23ec267823e32205 • CWE-340: Generation of Predictable Numbers or Identifiers •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10026 – Improved Seeding and Hashing In gVisor
https://notcve.org/view.php?id=CVE-2024-10026
30 Jan 2025 — A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances. • https://github.com/google/gvisor/commit/83f75082e5b03fafca9201d9d9939028f712b0b2 • CWE-328: Use of Weak Hash CWE-339: Small Seed Space in PRNG •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20168
https://notcve.org/view.php?id=CVE-2018-20168
17 Dec 2018 — Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application. Google gVisor en versiones anteriores al 22/08/2018 reutiliza una tabla de página en un nivel diferente con la caché paging-structure intacta, lo que permite que los atacantes provoquen una denegación de servicio (pánico de "dirección física no válida") mediante una aplicación manipu... • https://bugs.chromium.org/p/project-zero/issues/detail?id=1674 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19333
https://notcve.org/view.php?id=CVE-2018-19333
17 Nov 2018 — pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root (but not escape the sandbox) via vectors involving IPC_RMID shmctl calls, because reference counting is mishandled. pkg/sentry/kernel/shm/shm.go en Google gVisor en versiones anteriores a la 2018-11-01 permite que los atacantes sobrescriban ubicaciones de memoria en procesos que se ejecutan como root (pero que no escapan del sandbox) mediante vectores relacionados con l... • https://github.com/google/gvisor/commit/0e277a39c8b6f905e289b75e8ad0594e6b3562ca •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16359
https://notcve.org/view.php?id=CVE-2018-16359
02 Sep 2018 — Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS. Google gVisor en versiones anteriores al 2018-08-23, en el sandbox seccomp, permite el acceso a la llamada del sistema renameat, que permite que los atacantes renombren archivos en el sistema operativo host. • https://bugs.chromium.org/p/project-zero/issues/detail?id=1632 •