Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Re: CVE-2019-5736: runc container breakout (all versions)

Related Vulnerabilities: CVE-2019-5736  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: CVE-2019-5736: runc container breakout (all versions)

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Aleksa Sarai &lt;asarai () suse de&gt;

Date: Wed, 13 Feb 2019 20:09:34 +1100

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
On 2019-02-13, Loganaden Velvindron &lt;loganaden () gmail com&gt; wrote:
I think that someone already posted a PoC on github, AFAIK.

Yes, there is a PoC that someone outside of the embargo posted on
GitHub (it is quite different to the one we have but it is using a
related issue which our patch also fixed). At this point I might as well
post the actual exploit code (given that the original vulnerability
authors have published a blog post that basically outlines the
exploit[1]).

[1]: https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html

-- 
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
&lt;https://www.cyphar.com/&gt;
Attachment:
signature.asc
Description: 

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 11)

Re: CVE-2019-5736: runc container breakout (all versions) Florian Weimer (Feb 12)

Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 12)

Re: CVE-2019-5736: runc container breakout (all versions) Steve Grubb (Feb 12)

Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 12)

Re: CVE-2019-5736: runc container breakout (all versions) Solar Designer (Feb 12)

Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)

Re: CVE-2019-5736: runc container breakout (all versions) Loganaden Velvindron (Feb 13)
Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started