Skip to content
This repository has been archived by the owner on Jan 9, 2020. It is now read-only.

CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem #45

Open
bruceg opened this issue Feb 21, 2019 · 1 comment
Open

CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem #45

bruceg opened this issue Feb 21, 2019 · 1 comment

Comments

@bruceg
Copy link

bruceg commented Feb 21, 2019

Is railcar vulnerable to this exploit? I tried using the docker-based exploit, but it requires the use of the "railcar exec" command, which is not yet implemented. Does that mean it is not possible to exploit it with railcar?

ref: https://nvd.nist.gov/vuln/detail/CVE-2019-5736
@bruceg bruceg changed the title CVE-2019-5736 CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem Feb 21, 2019
@delandtj
Copy link

that does it mean indeed...
OTOH.. it's pity that Vish stopped working on that :'( toy

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bruceg @delandtj