Breaking out of Docker via runC – Explaining CVE-2019-5736 | Twistlock

https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/
More than a week ago (2019-02-11) a new vulnerability in runC was reported by its maintainers. Dubbed CVE-2019-5736, it affects Docker containers running in default settings and can be used by an attacker to gain root-level access on the host. The same fundamental flaw exists in LXC.
Both runC and LXC were patched and new versions were released.

For more details take a look at
RunC-CVE-2019-5736/malicious_image_POC

1 Comment

  1. William Martial says:

    This is something that needs attention.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*