vulnerability

SUSE: CVE-2019-5736: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
2019-02-11
Added
2019-02-20
Modified
2022-02-04

Description

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

Solution(s)

suse-upgrade-containerdsuse-upgrade-containerd-ctrsuse-upgrade-containerd-testsuse-upgrade-dockersuse-upgrade-docker-bash-completionsuse-upgrade-docker-libnetworksuse-upgrade-docker-runcsuse-upgrade-docker-runc-testsuse-upgrade-docker-testsuse-upgrade-docker-zsh-completionsuse-upgrade-flatpaksuse-upgrade-flatpak-develsuse-upgrade-flatpak-zsh-completionsuse-upgrade-gosuse-upgrade-go-docsuse-upgrade-go-racesuse-upgrade-go1-11suse-upgrade-go1-11-docsuse-upgrade-go1-11-racesuse-upgrade-go1-12suse-upgrade-go1-12-docsuse-upgrade-go1-12-racesuse-upgrade-golang-github-docker-libnetworksuse-upgrade-libflatpak0suse-upgrade-liblxc-develsuse-upgrade-liblxc1suse-upgrade-lxcsuse-upgrade-lxc-bash-completionsuse-upgrade-lxcfssuse-upgrade-lxcfs-hooks-lxcsuse-upgrade-pam_cgfssuse-upgrade-runcsuse-upgrade-runc-testsuse-upgrade-system-user-flatpaksuse-upgrade-typelib-1_0-flatpak-1_0

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today