A vulnerability discovered in the runC container management tool has exposed multiple privileged container systems to a potential exploit through which attackers could allow malware to escape a container and compromise an entire host system.
Designated CVE-2019-5736, the flaw allows attackers to use a malicious container to overwrite the host runC binary during the execution a command as root, thereby granting themselves root access to the host. This works under two scenarios: when using a new container with an attacker-controlled image or when attaching into an existing container to which the attackers previously had write access.
Aleksa Sarai, a long-time contributor to the Open Container Initiative (OCI), which develops runC, acknowledged the flaw in a Tuesday post on Openwall.com, noting that OCI has already issued a patch, and will release exploit code on Feb. 18 to help container vendors ensure that these fixes will resolve the issue.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.