runc 1.0.3 -- "If you were waiting for the opportune moment, that was it."
This is the third stable release in the 1.0 branch, fixing a handful of medium
priority issues related to mounts and cgroups, as well as a potential security
vulnerability.
This release is expected to be the last point release in the 1.0 branch, as we
are planning to release runc 1.1 in the near future.
Security:
-
A potential vulnerability was discovered in runc (related to an internal
usage of netlink), however upon further investigation we discovered that
while this bug was exploitable on the master branch of runc, no released
version of runc could be exploited using this bug. The exploit required
being able to create a netlink attribute with a length that would overflow a
uint16 but this was not possible in any released version of runc. For more
information, see GHSA-v95c-p5hm-xq8f and CVE-2021-43784.Due to an abundance of caution we decided to do an emergency release with
this fix, but to reiterate we do not believe this vulnerability was
possible to exploit. Thanks to Felix Wilhelm from Google Project Zero for
discovering and reporting this vulnerability so quickly.
Bugfixes:
- Fixed inability to start a container with read-write bind mount of a
read-only fuse host mount (#3292) - Fixed inability to start when read-only /dev in set in spec (#3277)
- Fixed not removing sub-cgroups upon container delete, when rootless cgroup v2
is used with older systemd (#3297) - Fixed returning error from GetStats when hugetlb is unsupported (which causes
excessive logging for kubernetes) (#3295) - [CI only] Fixed criu 3.16 compatibility issue (#3282)
- [CI only] Add Go 1.17 to the testing matrix (#3299)
Enhancements:
- Improved an error message when dbus-user-session is not installed and
rootless + cgroup2 + systemd are used (#3212)
Static Linking Notices
The runc
binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc
acting
as a "work that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to all of the contributors who made this release possible:
- Akihiro Suda [email protected]
- Aleksa Sarai [email protected]
- Kailun Qin [email protected]
- Kang Chen [email protected]
- Kir Kolyshkin [email protected]
- Odin Ugedal [email protected]
- Sebastiaan van Stijn [email protected]
Signed-off-by: Aleksa Sarai [email protected]