National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2019-5736 Detail

Description

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

Source:  MITRE
Description Last Modified:  02/11/2019

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://www.securityfocus.com/bid/106976
https://access.redhat.com/errata/RHSA-2019:0303
https://access.redhat.com/errata/RHSA-2019:0304
https://access.redhat.com/security/cve/cve-2019-5736
https://access.redhat.com/security/vulnerabilities/runcescape
https://aws.amazon.com/security/security-bulletins/AWS-2019-002/
https://brauner.github.io/2019/02/12/privileged-containers.html
https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc
https://github.com/docker/docker-ce/releases/tag/v18.09.2
https://github.com/Frichetten/CVE-2019-5736-PoC
https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d
https://github.com/q3k/cve-2019-5736-poc
https://github.com/rancher/runc-cve
https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/
https://www.exploit-db.com/exploits/46359/
https://www.exploit-db.com/exploits/46369/
https://www.openwall.com/lists/oss-security/2019/02/11/2
https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/

Technical Details

Vulnerability Type (View All)

Change History

6 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2019-5736
NVD Published Date:
02/11/2019
NVD Last Modified:
02/16/2019