CVE-2019-5736 in Ubuntu

CVE-2019-5736 (retired)

Priority

Description

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products,
allows attackers to overwrite the host runc binary (and consequently obtain
host root access) by leveraging the ability to execute a command as root
within one of these types of containers: (1) a new container with an
attacker-controlled image, or (2) an existing container, to which the
attacker previously had write access, that can be attached with docker
exec. This occurs because of file-descriptor mishandling, related to
/proc/self/exe.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736
https://www.openwall.com/lists/oss-security/2019/02/11/2

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050

Package

Source: docker.io (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):	released (18.06.1-0ubuntu1.2~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):	released (18.06.1-0ubuntu1.2~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):	released (18.06.1-0ubuntu1.2)
Ubuntu 19.04 (Disco Dingo):	not-affected (18.09.5-0ubuntu1)
Ubuntu 19.10 (Eoan):	not-affected (18.09.5-0ubuntu1)

Package

Source: runc (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (1.0.0~rc2+docker1.13.1-0ubuntu1~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):	released (1.0.0~rc4+dfsg1-6ubuntu0.18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):	released (1.0.0~rc4+dfsg1-6ubuntu0.18.10.1)
Ubuntu 19.04 (Disco Dingo):	not-affected (1.0.0~rc7+git20190403.029124da-0ubuntu1)
Ubuntu 19.10 (Eoan):	not-affected (1.0.0~rc7+git20190403.029124da-0ubuntu1)

More Information

Updated: 2019-06-17 14:14:54 UTC (commit 3e6d9703f811d0853267c7c3a5bc8ea9156fdf9c)