A vulnerability, which was classified as problematic, has been found in opencontainers runc up to 1.1.13/1.2.0-rc2. Affected by this issue is the function
os.MkdirAll
. The manipulation leads to race condition enabling link following.
This vulnerability is handled as CVE-2024-45310. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.