Skip to content

Commit

Permalink
OpenInRoot: add CVE link to godoc
Browse files Browse the repository at this point in the history
Signed-off-by: Kir Kolyshkin <[email protected]>
  • Loading branch information
kolyshkin authored and cyphar committed Sep 30, 2024
1 parent cee117f commit b3e2ae6
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion open_linux.go
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,9 @@ func OpenInRoot(root, unsafePath string) (*os.File, error) {
// maliciously-configured /proc mount. While this attack scenario is not
// common, in container runtimes it is possible for higher-level runtimes to be
// tricked into configuring an unsafe /proc that can be used to attack file
// operations. See CVE-2019-19921 for more details.
// operations. See [CVE-2019-19921] for more details.
//
// [CVE-2019-19921]: https://github.com/advisories/GHSA-fh74-hm69-rqjw
func Reopen(handle *os.File, flags int) (*os.File, error) {
procRoot, err := getProcRoot()
if err != nil {
Expand Down

0 comments on commit b3e2ae6

Please sign in to comment.