Skip to content

gVisor security policy: Clarifications and update for InternalEsc.#12768

Merged
copybara-service[bot] merged 1 commit intomasterfrom
test/cl885823770
Apr 2, 2026
Merged

gVisor security policy: Clarifications and update for InternalEsc.#12768
copybara-service[bot] merged 1 commit intomasterfrom
test/cl885823770

Conversation

@copybara-service
Copy link
Copy Markdown

@copybara-service copybara-service Bot commented Mar 20, 2026

gVisor security policy: Clarifications and update for InternalEsc.

CVEs are no longer issued for InternalEsc issues. Valid reports
of InternalEsc issues submitted prior to this policy change will
still be eligible for compensation.

Also clarify what qualifies for sandbox escape and exfiltration.

@copybara-service copybara-service Bot added the exported Issue was exported automatically label Mar 20, 2026
@copybara-service copybara-service Bot force-pushed the test/cl885823770 branch 2 times, most recently from bbd8945 to c373e6b Compare March 20, 2026 20:09
@EtiennePerot @gvisor-bot
gVisor security policy: Clarifications and update for InternalEsc.
d1ab4fa 
CVEs are no longer issued for `InternalEsc` issues. Valid reports
of `InternalEsc` issues submitted prior to this policy change will
still be eligible for compensation.

Also clarify what qualifies for sandbox escape and exfiltration.

PiperOrigin-RevId: 893706644
@copybara-service copybara-service Bot merged commit d1ab4fa into master Apr 2, 2026
@copybara-service copybara-service Bot deleted the test/cl885823770 branch April 2, 2026 21:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

exported Issue was exported automatically

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@EtiennePerot