Some POCs or Exploits for vulnerabilities
Exploit for CVE-2019-5736 Version 1 (inspired by original idea DragonSector) use a maliciousso(which used by runc) with malicious entry point (like #!/proc/self/exe) to hijack the execution of runc, and then open '/proc/self/exe' to hold the file descriptor Then 'fork-exec' to run another process, and the child process will inherit the file descriptor F