CVE-2019-5736 Vulnerabilities

Recently, there is a new vulnerabilities which announce in runc (an popular container platforms called Docker & Kubernetes).

How the Vulnerability work?

The attacker can use an exploit in a bug within runc to get access privileges of root on the Operating System that runs the container. As a result, the attacker can gain an unlimited access as root to the server. However, this vulnerabilities will not work if all the security practice (SELinux) is in place.

Mitigating CVE-2019-5736 Impacting RunC and Docker (Source: Youtube)
Docker Host Root Vulnerability – Security Byte(Source: Youtube)

For more details on this vulnerabilities, you can read the article here  

Source: Docker Container Escape Vulnerability With PoC (CVE-2019-5736)

Author: Wan Ariff

Leave a Reply

Your email address will not be published. Required fields are marked *