CVE-2019-5736
CVSS v3.1: 8.6 (High)
CVSS v2.0: 9.3 (High)
EPSS: 0.43 % (75th)
Affected Products: 19
Advisories: 51
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
Weaknesses
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- CVE Status: PUBLISHED
- CNA: MITRE
- Published Date: 2019-02-11 19:29:00 (5 years ago)
- Updated Date: 2024-02-02 12:15:48 (7 months ago)