Lucene search
K

4 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/07/02 6:44 p.m.192 views

Metasploit Wrap-Up

Containers that fail to Contain Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the work of Adam Iwaniuk that breaks out of a Docker container by overwriting the runc binary of an image which is run in the user context whenever someone outside the container runs docker...

9.3CVSS0.6AI score0.9857EPSS
Exploits52
Gitee
Gitee
added 2020/08/05 2:30 p.m.9 views

Exploit for OS Command Injection in Docker

CVE-2019-5736 is a vulnerability in the runc container runtime that allows for container escape. The exploit works by overwriting the runc binary with a malicious version, which is then executed when a container is run. The vulnerability is present in the runc binary, which is responsible for...

9.3CVSS7.4AI score0.9857EPSS
Exploits33
RedHat Linux
RedHat Linux
added 2019/05/07 4:19 a.m.13 views

runc: Execution of malicious containers allows for container escape and access to host filesystem

A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system...

9.3CVSS7AI score0.9857EPSS
Exploits33References7
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/18 12:0 a.m.112 views

Security update for docker-runc (important)

openSUSE Security Update: Security update for docker-runc Announcement ID: openSUSE-SU-2019:0201-1 Rating: important References: 1121967 Cross-References: CVE-2019-5736 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for...

9.3CVSS7.5AI score0.9857EPSS
Exploits33References1
Rows per page
Query Builder