GO-2024-2458
- Source
- https://pkg.go.dev/vuln/GO-2024-2458
- Import Source
- https://vuln.go.dev/ID/GO-2024-2458.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2024-2458
- Aliases
- Published
- 2024-06-28T15:28:53Z
- Modified
- 2024-06-28T15:58:33.081759Z
- Summary
- CRI-O's pods can break out of resource confinement on cgroupv2 in github.com/cri-o/cri-o
- Details
-
CRI-O's pods can break out of resource confinement on cgroupv2 in github.com/cri-o/cri-o
- References
-
- https://github.com/cri-o/cri-o/security/advisories/GHSA-p4rx-7wvg-fwrc
- https://nvd.nist.gov/vuln/detail/CVE-2023-6476
- https://github.com/cri-o/cri-o/commit/75effcb1a25851a736e82dba1f7d8cee93ee159e
- https://github.com/cri-o/cri-o/pull/4479
- https://access.redhat.com/errata/RHSA-2024:0195
- https://access.redhat.com/errata/RHSA-2024:0207
- https://access.redhat.com/security/cve/CVE-2023-6476
- https://bugzilla.redhat.com/show_bug.cgi?id=2253994
- https://github.com/cri-o/cri-o/blob/main/pkg/config/workloads.go#L103-L107
Affected packages
Go / github.com/cri-o/cri-o
Package
- Name
- github.com/cri-o/cri-o
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/cri-o/cri-o