Hi Community,
This article describes the Sophos response to vulnerability CVE-2019-5736 that allows a malicious container with minimal user interaction to overwrite the host runc binary and thus gain root-level code execution on the host. The level of user interaction is being able to run any command as root within a container in either of these contexts:
- Creating a new container using an attacker-controlled image.
- Attaching (Docker exec) into an existing container which the attacker had previous write access to.
Please visit this KBA for more info.
This thread was automatically locked due to age.
