CVE-2023-7258

Summary

A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past commit 6a112c60a257dadac59962e0bc9e9b5aee70b5b6

Affected Software

VendorProductVersion RangeStatus
GoogleGvisor0b983ff832b175e406f4f9b1a3868457bb1ceb7b < 6a112c60a257dadac59962e0bc9e9b5aee70b5b6affected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References