It was discovered that runc, a command line client for running applications packaged according to the Open Container Format (OCF), was suspectible to multiple container breakouts due to an internal file descriptor leak.
https://security-tracker.debian.org/tracker/DSA-5615-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5615-1
Continue reading...