Daily Shaarli
March 19, 2026
CVE-2025-52881: fd reopening causes issues with AppArmor profiles (`open sysctl net.ipv4.ip_unprivileged_port_start file: reopen fd 8: permission denied`) · Issue #4968 · opencontainers/runc
TL;DR: This is caused by a design flaw in AppArmor when running runc (or Docker/Podman/containerd) inside a nested container that has an AppArmor profile applied (the very short explanation is that AppArmor incorrectly thinks that when r...