CNNVD-202512-198 Information
CNNVD ID
CNNVD-202512-198
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
Singularity是Sylabs Inc.开源的一个开源容器平台。 singularity存在安全漏洞,该漏洞源于LSM标签写入操作可能被重定向,可能导致安全限制失效。
Description (English)
Singularity is an open-source container platform at the Sylabs Inc. open source. There is a security loophole in singularity, which stems from the possibility of re-direction of LSM tag writing operations, which could result in security restrictions being rendered ineffective.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Sylabs Inc.
Published
2025-12-02
Last Modified
2026-02-24
References
https://github.com/advisories/GHSA-fh74-hm69-rqjw https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm https://github.com/sylabs/singularity/commit/27882963879a7af1699fd6511c3f5f1371d80f33 https://github.com/sylabs/singularity/commit/5af3e790c40593591dfc26d0692e4d4b21c29ba0 https://github.com/sylabs/singularity/pull/3850 https://github.com/sylabs/singularity/security/advisories/GHSA-wwrx-w7c9-rf87
Patch
https://github.com/sylabs/singularity/releases
Share on: