1. Home
  2. Vulnerabilities
  3. CVE-2019-5736

CVE-2019-5736

CVSS v3.1 8.6 (High)
86% Progress
CVSS v2.0 9.3 (High)
93% Progress
EPSS 0.43 % (75th)
0.43% Progress
Affected Products 19
Advisories 51
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

Weaknesses
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Related CVEs
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2019-02-11 19:29:00
(5 years ago)
Updated Date
2024-02-02 12:15:48
(7 months ago)

Affected Products

Apache

Canonical

D2iq

Docker

Fedoraproject

Google

Hp

Linuxcontainers

Linuxfoundation

Microfocus

Netapp

Opensuse

Redhat

Configuration #1

    CPE23 From Up To
  Docker prior 18.09.2 version cpe:2.3:a:docker:docker < 18.09.2

Configuration #2

    CPE23 From Up To
  Linuxfoundation Runc 0.1.1 and prior versions cpe:2.3:a:linuxfoundation:runc <= 0.1.1
  Linuxfoundation Runc 1.0.0 Rc1 cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1
  Linuxfoundation Runc 1.0.0 Rc2 cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2
  Linuxfoundation Runc 1.0.0 Rc3 cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3
  Linuxfoundation Runc 1.0.0 Rc4 cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4
  Linuxfoundation Runc 1.0.0 Rc5 cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5
  Linuxfoundation Runc 1.0.0 Rc6 cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6

Configuration #3

    CPE23 From Up To
  Redhat Container Development Kit 3.7 cpe:2.3:a:redhat:container_development_kit:3.7
  Redhat Openshift 3.4 cpe:2.3:a:redhat:openshift:3.4
  Redhat Openshift 3.5 cpe:2.3:a:redhat:openshift:3.5
  Redhat Openshift 3.6 cpe:2.3:a:redhat:openshift:3.6
  Redhat Openshift 3.7 cpe:2.3:a:redhat:openshift:3.7
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0

Configuration #4

    CPE23 From Up To
  Google Kubernetes Engine cpe:2.3:a:google:kubernetes_engine:-

Configuration #5

    CPE23 From Up To
  Linuxcontainers Lxc prior 3.2.0 version cpe:2.3:a:linuxcontainers:lxc < 3.2.0

Configuration #6

    CPE23 From Up To
  Hp Onesphere cpe:2.3:a:hp:onesphere:-

Configuration #7

    CPE23 From Up To
  Netapp Hci Management Node cpe:2.3:a:netapp:hci_management_node:-
  Netapp Solidfire cpe:2.3:a:netapp:solidfire:-

Configuration #8

    CPE23 From Up To
  Apache Mesos from 1.4.0 version and prior 1.4.3 version cpe:2.3:a:apache:mesos >= 1.4.0 < 1.4.3
  Apache Mesos from 1.5.0 version and prior 1.5.3 version cpe:2.3:a:apache:mesos >= 1.5.0 < 1.5.3
  Apache Mesos from 1.6.0 version and prior 1.6.2 version cpe:2.3:a:apache:mesos >= 1.6.0 < 1.6.2
  Apache Mesos from 1.7.0 version and prior 1.7.2 version cpe:2.3:a:apache:mesos >= 1.7.0 < 1.7.2

Configuration #9

    CPE23 From Up To
  Opensuse Backports Sle 15.0 cpe:2.3:a:opensuse:backports_sle:15.0:-
  Opensuse Backports Sle 15.0 SP1 cpe:2.3:a:opensuse:backports_sle:15.0:sp1
  Opensuse Leap 15.0 cpe:2.3:o:opensuse:leap:15.0
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1
  Opensuse Leap 42.3 cpe:2.3:o:opensuse:leap:42.3

Configuration #10

    CPE23 From Up To
  D2iq Kubernetes Engine prior 2.2.0-1.13.3 version cpe:2.3:a:d2iq:kubernetes_engine < 2.2.0-1.13.3
  D2iq Dc/os prior 1.10.10 version cpe:2.3:o:d2iq:dc\%2fos < 1.10.10
  D2iq Dc/os from 1.10.11 version and prior 1.11.9 version cpe:2.3:o:d2iq:dc\%2fos >= 1.10.11 < 1.11.9
  D2iq Dc/os from 1.11.10 version and prior 1.12.1 version cpe:2.3:o:d2iq:dc\%2fos >= 1.11.10 < 1.12.1

Configuration #11

    CPE23 From Up To
  Fedoraproject Fedora 29 cpe:2.3:o:fedoraproject:fedora:29
  Fedoraproject Fedora 30 cpe:2.3:o:fedoraproject:fedora:30

Configuration #12

    CPE23 From Up To
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 18.10 cpe:2.3:o:canonical:ubuntu_linux:18.10
  Canonical Ubuntu Linux 19.04 cpe:2.3:o:canonical:ubuntu_linux:19.04

Configuration #13

    CPE23 From Up To
  Microfocus Service Management Automation 2018.02 cpe:2.3:a:microfocus:service_management_automation:2018.02
  Microfocus Service Management Automation 2018.05 cpe:2.3:a:microfocus:service_management_automation:2018.05
  Microfocus Service Management Automation 2018.08 cpe:2.3:a:microfocus:service_management_automation:2018.08
  Microfocus Service Management Automation 2018.11 cpe:2.3:a:microfocus:service_management_automation:2018.11