CVE-2019-5736

🗓️ 11 Feb 2019 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 12 Media mentions👁 777 Views🌐 WEB

runc through 1.0-rc6 allows attackers to overwrite the host runc binary and obtain host root access by executing a command as root in a new or existing container

Reporter	Title	Published	Views	Family All 334
0day.today	runC < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Exploit	12 Feb 201900:00	–	zdt
0day.today	runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)	15 Feb 201900:00	–	zdt
0day.today	Docker Container Escape Exploit	1 Jul 202100:00	–	zdt
IBM Security Bulletins	Security Bulletin: IBM Cloud Private for Data is affected by an issue with runc used by Docker	3 Oct 201922:50	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Docker affects PowerKVM	17 May 201916:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Private is affected by an issue with runc used by Docker	3 Nov 202122:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Kubernetes affects IBM Watson Studio Local	20 Dec 201913:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Functions is affected by a privilege escalation vulnerability in runc	18 Feb 201920:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect is affected by a critical vulnerability in Kubernetes via runc (CVE-2019-5736)	5 Mar 201917:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Kubernetes Service is affected by a privilege escalation vulnerability in runc	18 Feb 201919:10	–	ibm

NVD

Node

docker dockerRange<18.09.2

Node

linuxfoundation runcRange≤0.1.1

linuxfoundation runcMatch1.0.0rc1

linuxfoundation runcMatch1.0.0rc2

linuxfoundation runcMatch1.0.0rc3

linuxfoundation runcMatch1.0.0rc4

linuxfoundation runcMatch1.0.0rc5

linuxfoundation runcMatch1.0.0rc6

Node

redhat container_development_kitMatch3.7

redhat openshiftMatch3.4

redhat openshiftMatch3.5

redhat openshiftMatch3.6

redhat openshiftMatch3.7

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_serverMatch7.0

Node

google kubernetes_engineMatch-

Node

linuxcontainers lxcRange<3.2.0

Node

hp onesphereMatch-

Node

netapp hci_management_nodeMatch-

netapp solidfireMatch-

Node

apache mesosRange1.4.0–1.4.3

apache mesosRange1.5.0–1.5.3

apache mesosRange1.6.0–1.6.2

apache mesosRange1.7.0–1.7.2

Node

opensuse backports_sleMatch15.0-

opensuse backports_sleMatch15.0sp1

opensuse leapMatch15.0

opensuse leapMatch15.1

opensuse leapMatch42.3

Node

d2iq kubernetes_engineRange<2.2.0-1.13.3

d2iq dc/osRange<1.10.10

d2iq dc/osRange1.10.11–1.11.9

d2iq dc/osRange1.11.10–1.12.1

Node

fedoraproject fedoraMatch29

fedoraproject fedoraMatch30

Node

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch18.10

canonical ubuntu_linuxMatch19.04

Node

microfocus service_management_automationMatch2018.02

microfocus service_management_automationMatch2018.05

microfocus service_management_automationMatch2018.08

microfocus service_management_automationMatch2018.11

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/
support	www.support.hpe.com/hpsc/doc/public/display
lists	www.lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html
access	www.access.redhat.com/security/vulnerabilities/runcescape
azure	www.azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/
twistlock	www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/
lists	www.lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html
openwall	www.openwall.com/lists/oss-security/2019/10/24/1
exploit-db	www.exploit-db.com/exploits/46359/
synology	www.synology.com/security/advisory/Synology_SA_19_06

Parameter	Position	Path	Description	CWE
/proc/self/exe	path	/proc/self/exe	Container can overwrite the host runc binary via /proc/self/exe leading to host code execution (CVE-2019-5736).	CWE-78

17 Jun 2026 02:38Current

8.8High risk

Vulners AI Score8.8

CVSS 3.18.6

CVSS 29.3

EPSS0.9857