runc up to and including 1.0-rc6, as used in Docker prior to 18.09.2 and other products, allows malicious users to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
docker docker |
||
linuxfoundation runc 1.0.0 |
||
linuxfoundation runc |
||
redhat enterprise linux server 7.0 |
||
redhat openshift 3.4 |
||
redhat openshift 3.7 |
||
redhat openshift 3.6 |
||
redhat openshift 3.5 |
||
redhat enterprise linux 8.0 |
||
redhat container development kit 3.7 |
||
google kubernetes engine - |
||
linuxcontainers lxc |
||
hp onesphere - |
||
netapp solidfire - |
||
netapp hci management node - |
||
apache mesos |
||
opensuse leap 42.3 |
||
opensuse leap 15.0 |
||
opensuse leap 15.1 |
||
opensuse backports sle 15.0 |
||
d2iq kubernetes engine |
||
d2iq dc\\/os |
||
fedoraproject fedora 29 |
||
fedoraproject fedora 30 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 18.10 |
||
canonical ubuntu linux 19.04 |
||
microfocus service management automation 2018.05 |
||
microfocus service management automation 2018.02 |
||
microfocus service management automation 2018.08 |
||
microfocus service management automation 2018.11 |
'Doomsday scenario' unless devops crowd walks this way Docker invites elderly Windows Server apps to spend remaining days in supervised care
Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability affecting runc, the default container runtime for Docker, containerd, Podman, and CRI-O. "While there are very few incidents that could qualify as a doomsday scenario for enterprise IT, a cascading set of exploits affecting a wide range of interconnected production systems qualifies...and that’s exactly what this vulnerability represents," said Scott McCarty, principal product manager for contain...