CVE-2019-5736

Published
View on NVD ↗
CVSS v3
8.6
HIGH
CVSS v2
9.3
HIGH
Affected
5
PROJECTS

Description

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

opencontainers/runc
opencontainers/runc
CLI tool for spawning and running containers according to the OCI specification
GitHubGitHub
13.2K
docker-archive/docker-ce
docker-archive/docker-ce
:warning: This repository is deprecated and will be archived (Docker CE itself is NOT deprecated) see the https://github.com/docker/docker-ce/blob/master/README.md :warning:
GitHubGitHub
5.76K
rancher/runc-cve
rancher/runc-cve
CVE patches for legacy runc packaged with Docker
GitHubGitHub
69
q3k/cve-2019-5736-poc
q3k/cve-2019-5736-poc
Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)
GitHubGitHub
209
Frichetten/CVE-2019-5736-PoC
Frichetten/CVE-2019-5736-PoC
PoC for CVE-2019-5736
GitHubGitHub
657