Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2021-30465

CVE-2021-30465

HIGH8.5

runc before 1

Published May 27, 2021

Modified 1 years ago

Details

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

References

http://www.openwall.com/lists/oss-security/2021/05/19/2

https://bugzilla.opensuse.org/show_bug.cgi?id=1185405

https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f

https://github.com/opencontainers/runc/releases

https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r

https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV/

https://security.gentoo.org/glsa/202107-26

https://security.netapp.com/advisory/ntap-20210708-0003/

https://www.cve.org/CVERecord?id=CVE-2021-30465

CVSS Analysis

CVSS v3.1

8.5

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

HighAC:H

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

ChangedS:C

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

8.5/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Ecosystems

Timeline

PublishedMay 27, 2021

ModifiedAug 3, 2024

CVE-2021-30465 | Mondoo Vulnerability Intelligence