AmazonALAS-2019-1156

HistoryFeb 08, 2019 - 10:28 p.m.

Important: docker

2019-02-0822:28:00

alas.aws.amazon.com

203

8.6 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.6%

JSON

Issue Overview:

A vulnerability was discovered in runc, which is used by Docker to run containers. runc did not prevent container processes from modifying the runc binary via /proc/self/exe. A malicious container could replace the runc binary, resulting in container escape and privilege escalation. This was fixed by creating a per-container copy of runc.(CVE-2019-5736)

Affected Packages:

docker

Issue Correction:
Run yum update docker to update your system.

New Packages:

src:  
    docker-18.06.1ce-7.25.amzn1.src  
  
x86_64:  
    docker-debuginfo-18.06.1ce-7.25.amzn1.x86_64  
    docker-18.06.1ce-7.25.amzn1.x86_64

Additional References

Red Hat: CVE-2019-5736

Mitre: CVE-2019-5736

OSVersionArchitecturePackageVersionFilename
Amazon Linux1x86_64docker-debuginfo< 18.06.1ce-7.25.amzn1docker-debuginfo-18.06.1ce-7.25.amzn1.x86_64.rpm
Amazon Linux1x86_64docker< 18.06.1ce-7.25.amzn1docker-18.06.1ce-7.25.amzn1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	x86_64	docker-debuginfo	< 18.06.1ce-7.25.amzn1	docker-debuginfo-18.06.1ce-7.25.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	docker	< 18.06.1ce-7.25.amzn1	docker-18.06.1ce-7.25.amzn1.x86_64.rpm

oraclelinux 9

nessus 41

suse 6

ibm 6

impervablog 1

osv 6

fedora 18

githubexploit 11

hackerone 3

zdt 3

cve 3

openvas 31

ubuntucve 3

redhat 5

photon 4

threatpost 5

vmware 2

exploitpack 1

f5 1

virtuozzo 1

mageia 2

trendmicroblog 2

veracode 2

redhatcve 2

qualysblog 1

thn 2

archlinux 2

alpinelinux 1

altlinux 2

prion 3

kitploit 4

almalinux 1

cbl_mariner 1

checkpoint_advisories 1

debiancve 3

cloudfoundry 1

cisco 1

rocky 1

metasploit 1

packetstorm 1

ubuntu 1

rapid7blog 1

github 1

gentoo 1

attackerkb 1

oraclelinux

runc bug fix update

2021-04-28 00:00:00

container-tools:rhel8 security and bug fix update

2019-07-30 00:00:00

docker-engine docker-cli security update

2020-06-12 00:00:00

nessus

Fedora 28 : moby-engine (2019-829524f28f)

2019-02-19 00:00:00

Fedora 28 : 2:runc (2019-963ea958f9)

2019-02-21 00:00:00

EulerOS 2.0 SP5 : docker-engine (EulerOS-SA-2019-1074)

2019-03-08 00:00:00

suse

Security update for lxc (moderate)

2019-10-03 00:00:00

Security update for docker-runc (important)

2019-02-27 00:00:00

Security update for lxc (moderate)

2019-10-07 00:00:00

ibm

Security Bulletin: IBM Cloud Private for Data is affected by an issue with runc used by Docker

2019-10-03 22:50:40

Security Bulletin: IBM Cloud Functions is affected by a privilege escalation vulnerability in runc

2019-02-18 20:15:01

Security Bulletin: IBM API Connect is affected by a critical vulnerability in Kubernetes via runc (CVE-2019-5736)

2019-03-05 17:05:02

impervablog

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

2019-03-04 21:00:39

osv

Important: container-tools:rhel8 security and bug fix update

2019-05-07 03:39:11

CVE-2019-5736

2019-02-11 19:29:00

Important: container-tools:rhel8 security and bug fix update

2019-05-07 03:39:11

fedora

[SECURITY] Fedora 29 Update: python3-lxc-3.0.4-1.fc29

2019-09-06 12:59:40

[SECURITY] Fedora 30 Update: lxcfs-3.0.4-1.fc30

2019-09-06 12:35:28

[SECURITY] Fedora 29 Update: moby-engine-18.06.0-2.ce.git0ffa825.fc29

2019-02-19 14:04:24

githubexploit

Exploit for OS Command Injection in Docker

2019-06-30 13:42:14

Exploit for OS Command Injection in Docker

2019-12-12 16:57:13

Exploit for OS Command Injection in Docker

2021-07-08 22:46:30

hackerone

Internet Bug Bounty: CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host

2019-02-13 18:50:11

50m-ctf: CTF write-up: c8889970d9fb722066f31e804e351993

2019-03-03 10:08:22

50m-ctf: $50 million CTF Writeup

2019-03-25 02:28:13

zdt

runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)

2019-02-15 00:00:00

runC < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Exploit

2019-02-12 00:00:00

Docker Container Escape Exploit

2021-07-01 00:00:00

cve

CVE-2019-5736

2019-02-11 19:29:00

CVE-2020-14298

2020-07-13 21:15:00

CVE-2019-12499

2019-05-31 12:29:00

openvas

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2019-1074)

2020-01-23 00:00:00

Fedora Update for runc FEDORA-2019-6174b47003

2019-05-07 00:00:00

Fedora Update for runc FEDORA-2019-963ea958f9

2019-02-21 00:00:00

ubuntucve

CVE-2019-5736

2019-02-11 00:00:00

CVE-2019-12499

2019-05-31 00:00:00

CVE-2020-14298

2020-07-13 00:00:00

redhat

(RHSA-2019:0304) Important: docker security update

2019-02-11 14:26:20

(RHSA-2019:0303) Important: runc security update

2019-02-11 14:24:53

(RHSA-2019:0408) Important: OpenShift Container Platform 3.4, 3.5, 3.6, and 3.7 security update

2019-02-26 09:31:21

photon

Important Photon OS Security Update - PHSA-2019-0001

2019-02-12 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0208

2019-02-12 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0129

2019-02-13 00:00:00

threatpost

Public Clouds & Shared Responsibility: Lessons from Vulnerability Disclosure

2021-10-26 21:22:26

Major Container Security Flaw Threatens Cascading Attacks

2019-02-12 18:28:41

Rethinking Cyber-Defense Strategies in the Public-Cloud Age

2022-04-19 17:29:49

vmware

VMware product updates resolve mishandled file descriptor vulnerability in runc container runtime.

2019-02-15 00:00:00

VMware product updates resolve mishandled file descriptor vulnerability in runc container runtime.

2019-02-15 00:00:00

exploitpack

runc 1.0-rc6 (Docker 18.09.2) - Container Breakout (2)

2019-02-13 00:00:00

K46421255 : Docker privilege elevation vulnerability CVE-2019-5736

2019-03-01 00:00:00

virtuozzo

Important kernel security update: Virtuozzo ReadyKernel patch 72.0 for all supported Virtuozzo kernels and that of Virtuozzo Infrastructure Platform 2.5

2019-02-12 00:00:00

mageia

Updated opencontainers-runc packages fix security vulnerability

2019-02-13 14:08:25

Updated lxc packages fix security vulnerability

2019-02-17 03:31:02

trendmicroblog

This Week in Security News: Instagram Hackers and Enterprise Threats

2019-03-01 14:57:50

Attacking Containers and runC

2019-02-12 19:22:35

veracode

Malicious Container Execution

2019-02-12 02:31:29

Remote Code Execution

2020-06-24 03:08:12

redhatcve

CVE-2019-5736

2020-01-11 09:33:43

CVE-2020-14298

2020-06-23 19:26:46

qualysblog

RunC Container Breakout Vulnerability

2019-02-12 15:46:10

thn

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

2021-09-10 05:07:00

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts

2019-02-12 08:59:00

archlinux

[ASA-201902-6] runc: privilege escalation

2019-02-11 00:00:00

[ASA-201902-20] flatpak: privilege escalation

2019-02-17 00:00:00

alpinelinux

CVE-2019-5736

2019-02-11 19:29:00

altlinux

Security fix for the ALT Linux 8 package runc version 1.0.0-alt7.git0a012df

2019-02-20 00:00:00

Security fix for the ALT Linux 10 package runc version 1.0.0-alt7.git0a012df

2019-02-13 00:00:00

prion

Design/Logic Flaw

2019-02-11 19:29:00

Design/Logic Flaw

2020-07-13 21:15:00

Command injection

2019-05-31 12:29:00

kitploit

Whoc - A Container Image That Extracts The Underlying Container Runtime

2021-11-24 11:30:00

Kubesploit - A Cross-Platform Post-Exploitation HTTP/2 Command And Control Server And Agent Written In Golang

2021-04-22 12:30:00

Botb - A Container Analysis And Exploitation Tool For Pentesters And Engineers

2019-09-10 20:33:00

almalinux

Important: container-tools:rhel8 security and bug fix update

2019-05-07 03:39:11

cbl_mariner

CVE-2019-5736 affecting package moby-buildx 0.4.1-3

2021-07-08 21:56:42

checkpoint_advisories

runc Container Escape (CVE-2019-5736)

2019-02-14 00:00:00

debiancve

CVE-2019-5736

2019-02-11 19:29:00

CVE-2020-14298

2020-07-13 21:15:00

CVE-2019-12499

2019-05-31 12:29:00

cloudfoundry

CVE-2019-5736: runC container breakout | Cloud Foundry

2019-02-13 00:00:00

cisco

Container Privilege Escalation Vulnerability Affecting Cisco Products: February 2019

2019-02-15 17:00:00

rocky

container-tools:rhel8 security and bug fix update

2019-05-07 03:39:11

metasploit

Docker Container Escape Via runC Overwrite

2021-06-30 09:02:11

packetstorm

Docker Container Escape

2021-07-01 00:00:00

ubuntu

Docker vulnerabilities

2019-07-08 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-07-02 18:44:54

github

runc vulnerable to container breakout through process.cwd trickery and leaked fds

2024-01-31 22:44:08

gentoo

runC: Multiple vulnerabilities

2020-03-15 00:00:00

attackerkb

CVE-2019-5736

2019-02-11 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.6 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.6%

JSON

Related for ALAS-2019-1156