[Sophos Notification] Advisory: Sophos response to CVE-2019-5736 vulnerability published against Docker and LXC

Hi Community,

This article describes the Sophos response to vulnerability CVE-2019-5736, which allows a malicious container, with minimal user interaction, to overwrite the host runc binary and thus gain root-level code execution on the host. The level of user interaction required is the ability to run any command as root within a container in either of these contexts:

  • Creating a new container using an attacker-controlled image.
  • Attaching (docker exec) to an existing container to which the attacker previously had write access.

Please visit this KBA for more info.