github.com/google/gvisor/runsc/boot/filter is a Container Runtime Sandbox.
Affected versions of this package are vulnerable to Access Restriction Bypass. Within the
seccomp sandbox, it permits access to the
renameat system call, which allowed attackers to rename files on the host OS.
Upgrade to commit 001a4c or later.
Do your applications use this vulnerable package?