ArchLinux: 201902-6: runc: privilege escalation

    Date: 12 Feb 2019
    Category: ArchLinux
    Posted By: LinuxSecurity Advisories
    The package runc before version 1.0.0rc6-1 is vulnerable to privilege escalation.
    Arch Linux Security Advisory ASA-201902-6
    =========================================
    
    Severity: High
    Date    : 2019-02-11
    CVE-ID  : CVE-2019-5736
    Package : runc
    Type    : privilege escalation
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-878
    
    Summary
    =======
    
    The package runc before version 1.0.0rc6-1 is vulnerable to privilege
    escalation.
    
    Resolution
    ==========
    
    Upgrade to 1.0.0rc6-1.
    
    # pacman -Syu "runc>=1.0.0rc6-1"
    
    The problem has been fixed upstream in version 1.0.0rc6.
    
    Workaround
    ==========
    
    Don't run privileged containers.
    
    Description
    ===========
    
    A vulnerability discovered in runc through 1.0-rc6, as used in Docker
    before 18.09.2 and other products, allows attackers to overwrite the
    host runc binary (and consequently obtain host root access) by
    leveraging the ability to execute a command as root within one of these
    types of containers: (1) a new container with an attacker-controlled
    image, or (2) an existing container, to which the attacker previously
    had write access, that can be attached with docker exec. This occurs
    because of file-descriptor mishandling, related to /proc/self/exe.
    
    Impact
    ======
    
    A malicious container can escalate privileges to gain access as root on
    the host system and execute arbitrary code.
    
    References
    ==========
    
    https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d
    https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
    https://www.openwall.com/lists/oss-security/2019/02/11/2
    https://security.archlinux.org/CVE-2019-5736
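
An added example, not part of the Arch advisory or of runc: a Python audit of `docker inspect` output for the two conditions named in the Workaround and Description above, containers started as privileged and containers whose process runs as root. The sample JSON and the names `audit` and `runs_as_root` are constructed for illustration; the code assumes Docker's `docker inspect` fields `HostConfig.Privileged` and `Config.User`.

```python
import json
import sys

# Constructed sample of `docker inspect` output (not taken from the advisory).
SAMPLE_INSPECT = json.loads("""
[
  {"Id": "aaa111", "Name": "/web",
   "Config": {"User": "1000:1000"}, "HostConfig": {"Privileged": false}},
  {"Id": "bbb222", "Name": "/builder",
   "Config": {"User": ""}, "HostConfig": {"Privileged": false}},
  {"Id": "ccc333", "Name": "/agent",
   "Config": {"User": "0:0"}, "HostConfig": {"Privileged": true}}
]
""")

# An empty Config.User means no user was set, so the process starts as uid 0.
ROOT_USERS = {"", "0", "root"}


def runs_as_root(container):
    """True if the container's configured user (before any ':group') is root."""
    user = (container.get("Config") or {}).get("User") or ""
    return user.split(":", 1)[0] in ROOT_USERS


def audit(containers):
    """Return [(name, [reasons])] for containers matching the advisory's conditions."""
    findings = []
    for c in containers:
        reasons = []
        if (c.get("HostConfig") or {}).get("Privileged"):
            reasons.append("privileged")
        if runs_as_root(c):
            reasons.append("runs-as-root")
        if reasons:
            name = (c.get("Name") or c.get("Id", "?")).lstrip("/")
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    # Real data: docker inspect $(docker ps -q) | python3 audit.py -
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else SAMPLE_INSPECT
    for name, reasons in audit(data):
        print(f"{name}: {', '.join(reasons)}")
```

Containers it lists are the ones to review first on a host that cannot yet be upgraded to runc 1.0.0rc6-1.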
    
    