    ArchLinux: 201902-6: runc: privilege escalation

    Date: 12 Feb 2019
    Category: ArchLinux
    Posted By: LinuxSecurity Advisories
    The package runc before version 1.0.0rc6-1 is vulnerable to privilege escalation.
    Arch Linux Security Advisory ASA-201902-6
    =========================================
    
    Severity: High
    Date    : 2019-02-11
    CVE-ID  : CVE-2019-5736
    Package : runc
    Type    : privilege escalation
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-878
    
    Summary
    =======
    
    The package runc before version 1.0.0rc6-1 is vulnerable to privilege
    escalation.
    
    Resolution
    ==========
    
    Upgrade to 1.0.0rc6-1.
    
    # pacman -Syu "runc>=1.0.0rc6-1"
    
    The problem has been fixed upstream in version 1.0.0rc6.
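As an added check (not part of the advisory), the Python below reimplements pacman's version ordering, modelled on libalpm's rpmvercmp rather than calling pacman, and tells whether an installed runc package predates the fixed version named above; the `pacman -Q runc` line it parses is a constructed sample.

```python
import re

FIXED_VERSION = "1.0.0rc6-1"  # fixed package version named in the advisory
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def _rpmvercmp(a: str, b: str) -> int:
    """Segment comparison modelled on libalpm's rpmvercmp():
    returns -1, 0 or 1 for a < b, a == b, a > b."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alpha
        if x.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    # A leftover alpha segment marks a pre-release and loses, so
    # "1.0.0rc6" < "1.0.0", matching what pacman's vercmp reports.
    if len(sa) > len(sb):
        return -1 if sa[len(sb)].isalpha() else 1
    return 1 if sb[len(sa)].isalpha() else -1


def _split(ver: str) -> tuple:
    """Split 'epoch:pkgver-pkgrel' into (epoch, pkgver, pkgrel); epoch defaults to 0."""
    epoch, _, rest = ver.rpartition(":")
    pkgver, _, pkgrel = rest.partition("-")
    return int(epoch or 0), pkgver, pkgrel


def alpm_vercmp(a: str, b: str) -> int:
    """Compare two Arch package versions: epoch, then pkgver, then pkgrel."""
    ea, va, ra = _split(a)
    eb, vb, rb = _split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    result = _rpmvercmp(va, vb)
    if result == 0 and ra and rb:
        result = _rpmvercmp(ra, rb)
    return result


def runc_is_vulnerable(pacman_q_line: str) -> bool:
    """True if a `pacman -Q runc` line (e.g. 'runc 1.0.0rc5-1') predates the fix."""
    name, _, version = pacman_q_line.strip().partition(" ")
    if name != "runc" or not version:
        raise ValueError(f"unexpected pacman -Q output: {pacman_q_line!r}")
    return alpm_vercmp(version, FIXED_VERSION) < 0
```

On a live system feed it the output of `pacman -Q runc`; a later rebuild such as 1.0.0rc6-2 or the final 1.0.0 release is correctly reported as fixed.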
    
    Workaround
    ==========
    
    Don't run privileged containers.
    
    Description
    ===========
    
    A vulnerability discovered in runc through 1.0-rc6, as used in Docker
    before 18.09.2 and other products, allows attackers to overwrite the
    host runc binary (and consequently obtain host root access) by
    leveraging the ability to execute a command as root within one of these
    types of containers: (1) a new container with an attacker-controlled
    image, or (2) an existing container, to which the attacker previously
    had write access, that can be attached with docker exec. This occurs
    because of file-descriptor mishandling, related to /proc/self/exe.
    
    Impact
    ======
    
    A malicious container can escalate privileges to gain access as root on
    the host system and execute arbitrary code.
    
    References
    ==========
    
    https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d
    https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
    https://www.openwall.com/lists/oss-security/2019/02/11/2
    https://security.archlinux.org/CVE-2019-5736
    