Candidate: CVE-2019-5736
PublicDate: 2019-02-11 19:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736
 https://www.openwall.com/lists/oss-security/2019/02/11/2
Description:
 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products,
 allows attackers to overwrite the host runc binary (and consequently obtain
 host root access) by leveraging the ability to execute a command as root
 within one of these types of containers: (1) a new container with an
 attacker-controlled image, or (2) an existing container, to which the
 attacker previously had write access, that can be attached with docker
 exec. This occurs because of file-descriptor mishandling, related to
 /proc/self/exe.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H [8.6 HIGH]
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H [8.6 HIGH]


Patches_runc:
upstream_runc: needs-triage
precise/esm_runc: DNE
trusty_runc: DNE
trusty/esm_runc: DNE
xenial_runc: released (1.0.0~rc2+docker1.13.1-0ubuntu1~16.04.1)
bionic_runc: released (1.0.0~rc4+dfsg1-6ubuntu0.18.04.1)
cosmic_runc: released (1.0.0~rc4+dfsg1-6ubuntu0.18.10.1)
disco_runc: not-affected (1.0.0~rc7+git20190403.029124da-0ubuntu1)
devel_runc: not-affected (1.0.0~rc7+git20190403.029124da-0ubuntu1)

Patches_docker.io:
upstream_docker.io: needs-triage
precise/esm_docker.io: DNE
trusty_docker.io: ignored (reached end-of-life)
trusty/esm_docker.io: DNE (trusty was needed)
xenial_docker.io: released (18.06.1-0ubuntu1.2~16.04.1)
bionic_docker.io: released (18.06.1-0ubuntu1.2~18.04.1)
cosmic_docker.io: released (18.06.1-0ubuntu1.2)
disco_docker.io: not-affected (18.09.5-0ubuntu1)
devel_docker.io: not-affected (18.09.5-0ubuntu1)