CVE-2019-5736
Public on 2019-02-08
Modified on 2019-02-11
Description
A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite the contents of the runc binary and consequently run arbitrary commands on the container host system.
Severity
CVSS v3 Base Score
Affected Packages
Platform | Package | Release Date | Advisory | Status |
---|---|---|---|---|
Amazon Linux 1 | docker | 2019-02-08 | ALAS-2019-1156 | Fixed |
CVSS Scores
Source | Score Type | Score | Vector |
---|---|---|---|
Amazon Linux | CVSSv3 | 7.7 | CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H |
NVD | CVSSv2 | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C |
NVD | CVSSv3 | 8.6 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |