In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Improper Privilege Management vulnerabilities in an interactive lesson.
Start learningUpgrade github.com/containerd/containerd/pkg/process
to version 1.3.0-beta.0 or higher.
github.com/containerd/containerd/pkg/process is an open and reliable container runtime.
Affected versions of this package are vulnerable to Improper Privilege Management. Due to the usage of unix.Kill
to kill a exec process, the pid in execProcess does not get deleted after a exec process has been stopped. Under certain conditions, it might be possible to for unprivileged process reuse generated pid and gain access to its privileges.