oss-sec mailing list archives
Re: CVE-2019-5736: runc container breakout (all versions)
From: Aleksa Sarai <asarai () suse de>
Date: Wed, 13 Feb 2019 20:09:34 +1100
On 2019-02-13, Loganaden Velvindron <loganaden () gmail com> wrote:
I think that someone already posted a PoC on github, AFAIK.
Yes, there is a PoC that someone outside of the embargo posted on GitHub (it is quite different to the one we have but it is using a related issue which our patch also fixed). At this point I might as well post the actual exploit code (given that the original vulnerability authors have published a blog post that basically outlines the exploit[1]). [1]: https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html -- Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH <https://www.cyphar.com/>
Attachment:
signature.asc
Description:
Current thread:
- CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 11)
- Re: CVE-2019-5736: runc container breakout (all versions) Florian Weimer (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Steve Grubb (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Solar Designer (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Loganaden Velvindron (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Florian Weimer (Feb 12)