| 1 |
type: security |
| 2 |
subject: Updated opencontainers-runc packages fix security vulnerability |
| 3 |
CVE: |
| 4 |
- CVE-2019-5736 |
| 5 |
src: |
| 6 |
6: |
| 7 |
core: |
| 8 |
- opencontainers-runc-1.0.0rc5-3.2.mga6 |
| 9 |
description: | |
| 10 |
Not using pivot_root(2) leaves the host /proc around in the mount namespace |
| 11 |
so that it is possible to mount another /proc without any other submount, |
| 12 |
even if /proc in the container is not fully visible. This flaw allows an |
| 13 |
attacker to read and modify some parts of the Linux kernel memory |
| 14 |
(rhbz#1663068). |
| 15 |
|
| 16 |
runc through 1.0-rc6 allows attackers to overwrite the host runc binary |
| 17 |
(and consequently obtain host root access) by leveraging the ability to |
| 18 |
execute a command as root within one of these types of containers: a new |
| 19 |
container with an attacker-controlled image, or an existing container, to |
| 20 |
which the attacker previously had write access, that can be attached with |
| 21 |
docker exec. This occurs because of file-descriptor mishandling, related |
| 22 |
to /proc/self/exe (CVE-2019-5736). |
| 23 |
references: |
| 24 |
- https://bugs.mageia.org/show_bug.cgi?id=24253 |
| 25 |
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SMFQ54VEZPJT4H2C2TBILCPDX2VMAIZ2/ |
| 26 |
- https://www.openwall.com/lists/oss-security/2019/02/11/2 |
| 27 |
ID: MGASA-2019-0068 |
Parent Directory
| 
Revision Log