what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2019-5736

Status Candidate

Overview

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

Related Files

Docker runc Command Execution Proof Of Concept
Posted Dec 8, 2021
Authored by Frichetten | Site github.com

Docker proof of concept command execution exploit that leverages runc.

tags | exploit, proof of concept
advisories | CVE-2019-5736
SHA-256 | d839ae3cbe28eac31921153401a56b44bcb7aa9e71186e649af207b24a2573d0
Docker Container Escape
Posted Jul 1, 2021
Authored by Christophe de la Fuente, Spencer McIntyre, Nick Frichette, Borys Poplawski, Adam Iwaniuk | Site metasploit.com

This Metasploit module leverages a flaw in runc to escape a Docker container and get command execution on the host as root. This vulnerability is identified as CVE-2019-5736. It overwrites the runc binary with the payload and waits for someone to use docker exec to get into the container. This will trigger the payload execution. Note that executing this exploit carries important risks regarding the Docker installation integrity on the target and inside the container.

tags | exploit, root
advisories | CVE-2019-5736
SHA-256 | cccb41227aca832e89e9a6f586e66617bdec002e1dded9d5addd44548302edb1
Gentoo Linux Security Advisory 202003-21
Posted Mar 15, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-21 - Multiple vulnerabilities have been discovered in runC, the worst of which may lead to privilege escalation. Versions less than 1.0.0_rc10 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2019-16884, CVE-2019-19921, CVE-2019-5736
SHA-256 | b654f470c0bc3ea5e9d17a7e1065315ea14d4f317417da2d5c835cd169d7bb2b
Red Hat Security Advisory 2019-0975-01
Posted May 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0975-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a runc binary overwrite vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
SHA-256 | 361971a901acb2e5cf0317a4e5d2151265c70d089dbf99e7b20cc0f66d6a31cf
Red Hat Security Advisory 2019-0408-01
Posted Feb 26, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0408-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a file descriptor handling issue in runc.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
SHA-256 | f242eb1bc1a662c6c05d8031be82a78052768334224c021465f22ec8423fba33
Red Hat Security Advisory 2019-0401-01
Posted Feb 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0401-01 - Red Hat Container Development Kit is a platform for developing containerized applications; a set of tools that enables developers to quickly and easily set up an environment for developing and testing containerized applications on the Red Hat Enterprise Linux platform. This update, Container Development Kit 3.7.0-1, includes an updated Red Hat Enterprise Linux ISO that contains fixes for the following security issues. Issues addressed include the execution of malicious containers.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
SHA-256 | 759d2adf071aeaf6478fd33f86e690edde93f3c811abd79b79d7deb90e41debf
VMware Security Advisory 2019-0001
Posted Feb 16, 2019
Authored by VMware | Site vmware.com

VMware Security Advisory 2019-0001 - VMware product updates resolve a mishandled file descriptor vulnerability in the runc container runtime.

tags | advisory
advisories | CVE-2019-5736
SHA-256 | 182b2d347dd43689d08de951414f38dec6cbfee1283ab2a56d93675d7c162451
runc Container Breakout
Posted Feb 14, 2019
Authored by Embargo

This is exploit code for CVE-2019-5736 (and it works for both runc and LXC). The simplest way to use it is to copy the exploit code into an existing container, and run make.sh. However, you could just as easily create a bad image and run that. This affects runc versions prior to 1.0-rc6 (Docket versions less than 18.09.2).

tags | exploit
advisories | CVE-2019-5736
SHA-256 | e01e406be8b1999dde189059f1ddaad10d163445cf54c9c979d58d3168afb1f2
runc Host Command Execution
Posted Feb 13, 2019
Authored by FEEXD

runc versions prior to 1.0-rc6 (Docker < 18.09.2 host command execution proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2019-5736
SHA-256 | 58916ca55bef8e91b57754a95171d834f060a1120be8c793a1c442c3724d99cb
Red Hat Security Advisory 2019-0304-01
Posted Feb 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0304-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include an overwrite vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
SHA-256 | 581a1305c7a081ecdf9695e54daa99bafd4246f49cec1a80ccaefbf6eb34bbd8
Red Hat Security Advisory 2019-0303-01
Posted Feb 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0303-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. Issues addressed include an overwrite vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-5736
SHA-256 | aaa2d1b7c5e79ab037789efaa9ce871476609fd4528b344eaff16402594e3064
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close