JPCERT-AT-2019-0007
JPCERT/CC
2019-02-14
I. Overview
On February 12, 2019 (local time), a vulnerability (CVE-2019-5736) in runc, the container runtime used by Docker and other container tools, was disclosed. When a user runs a specially crafted container that exploits this vulnerability (starting it, or attaching a new process to an already running one, for example with `docker exec`), the runc binary on the host is overwritten. As a result, arbitrary commands may be executed with root privilege on the host on which the container is running. Since it has been confirmed that Proof-of-Concept code for this vulnerability has been made public, JPCERT/CC is re-issuing this advisory as a Security Alert.
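The overwrite described above changes the content of a file on the host, so it can be checked for. The following script is an added example, not part of this advisory and not code from runc or any distributor: it records a SHA-256 baseline of the host's runc binary and reports when the binary no longer matches. The candidate paths (/usr/bin/runc, /usr/bin/docker-runc and so on) and the baseline file name are assumptions; adjust them to your installation.

```python
# Added example, not part of the JPCERT/CC advisory: detect the overwrite the
# advisory describes by checking the host's runc binary against a baseline.
import hashlib
import json
import os
import sys
import tempfile

# Assumption: common install paths; docker-runc is the copy bundled with Docker.
RUNC_CANDIDATES = ["/usr/bin/runc", "/usr/sbin/runc", "/usr/local/sbin/runc",
                   "/usr/bin/docker-runc"]


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(path):
    """Hash plus the stat fields an in-place overwrite normally changes."""
    st = os.stat(path)
    return {"sha256": sha256_of(path), "size": st.st_size,
            "mode": st.st_mode & 0o7777, "mtime": int(st.st_mtime)}


def write_baseline(paths, baseline_file):
    """Snapshot every path that exists and store the result as JSON."""
    base = {p: snapshot(p) for p in paths if os.path.isfile(p)}
    with open(baseline_file, "w") as f:
        json.dump(base, f, indent=2)
    return base


def check_baseline(baseline_file):
    """Return [(path, reason)] for every recorded binary that no longer matches."""
    with open(baseline_file) as f:
        base = json.load(f)
    findings = []
    for path, rec in base.items():
        if not os.path.isfile(path):
            findings.append((path, "missing"))
            continue
        now = snapshot(path)
        if now["sha256"] != rec["sha256"]:
            # The hash is the authoritative signal: size and mtime can be
            # restored by an attacker, the content of a replaced binary cannot.
            findings.append((path, "content changed"))
        elif now["mode"] != rec["mode"]:
            findings.append((path, "mode changed to %o" % now["mode"]))
    return findings


def demo():
    """Constructed demonstration on a throwaway file standing in for runc."""
    d = tempfile.mkdtemp()
    fake = os.path.join(d, "runc")
    with open(fake, "wb") as f:
        f.write(b"\x7fELF placeholder standing in for the real runc binary\n")
    bl = os.path.join(d, "baseline.json")
    write_baseline([fake], bl)
    before = check_baseline(bl)            # nothing changed yet
    with open(fake, "wb") as f:            # the overwrite the advisory describes
        f.write(b"#!/bin/sh\nid > /tmp/pwned\n")
    after = check_baseline(bl)             # one finding: content changed
    return before, after


if __name__ == "__main__":
    # usage: python3 runc_integrity.py baseline|check|demo [baseline.json]
    mode = sys.argv[1] if len(sys.argv) > 1 else "demo"
    bl = sys.argv[2] if len(sys.argv) > 2 else "runc-baseline.json"
    if mode == "baseline":
        print(json.dumps(write_baseline(RUNC_CANDIDATES, bl), indent=2))
    elif mode == "check":
        for path, reason in check_baseline(bl) or [("recorded binaries", "unchanged")]:
            print(path, reason)
    else:
        print(demo())
```

Run `baseline` on a freshly patched host and `check` afterwards, for example from cron or a host monitoring agent. A host compromised through this vulnerability can also tamper with the baseline file, so keep it off the host or compare against the package manager's own records (`rpm -V` on RPM-based systems, `debsums` on Debian/Ubuntu) where available. Detection is no substitute for the update described in section III.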
II. Affected Products
The following versions are affected by this vulnerability:
- runc 1.0-rc6 and earlier
The affected versions for each distributor are as follows.
- Ubuntu : runc versions prior to 1.0.0~rc4+dfsg1-6ubuntu0.18.10.1
- Debian : runc versions prior to 0.1.1+dfsg1-2
- Red Hat Enterprise Linux : docker versions prior to 1.13.1-91.git07f3374.el7
- Amazon Linux : docker versions prior to 18.06.1ce-7.25.amzn1.x86_64
- Docker : docker versions prior to 18.09.2
* Other container services that use runc may also be affected by this vulnerability. For the impact on the container service you are using, check the information published by its provider.
III. Solution
Please update to a fixed version by referring to the information provided by each distributor. The fixed versions are as follows.
- Ubuntu : runc 1.0.0~rc4+dfsg1-6ubuntu0.18.10.1
- Debian : runc 0.1.1+dfsg1-2
- Red Hat Enterprise Linux : docker 1.13.1-91.git07f3374.el7
- Amazon Linux : docker 18.06.1ce-7.25.amzn1.x86_64
- Docker : docker 18.09.2
* Users of other distributions should follow the information published by their distributor.
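The affected and fixed versions in sections II and III come in three forms: Docker's own release numbers, the upstream runc version string, and distribution package versions, which follow the distribution's own ordering rules (on Debian and Ubuntu a "~" sorts before anything else, which is why 1.0.0~rc4+dfsg1 is older than 1.0.0). The following script is an added example, not from the advisory or from any distributor: it implements dpkg's version ordering and judges installed version strings against the values listed above. The command lines at the end and the package name "runc" are assumptions. RPM-based systems (Red Hat Enterprise Linux, Amazon Linux) use a different ordering that is not implemented here; compare the output of `rpm -q docker` with the versions listed above instead.

```python
# Added example, not part of the JPCERT/CC advisory: check installed versions
# against the versions the advisory names. The constants are taken from the
# advisory; the command lines and package name are assumptions.
import re
import subprocess

# Versions named in sections II and III of the advisory.
DOCKER_CE_FIXED = (18, 9, 2)          # Docker 18.09.2
RUNC_LAST_AFFECTED_RC = 6             # runc 1.0-rc6 and earlier
DEB_FIXED = {"ubuntu": "1.0.0~rc4+dfsg1-6ubuntu0.18.10.1",   # package "runc"
             "debian": "0.1.1+dfsg1-2"}


def _order(c):
    """dpkg character weight: '~' < end of string < letters < other characters."""
    if c == "~":
        return -1
    if c == "" or c.isdigit():
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256


def _verrevcmp(a, b):
    """dpkg's comparison of one upstream-version or revision part: -1, 0 or 1."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        # non-digit run: compare character weights
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return -1 if ac < bc else 1
            i += 1
            j += 1
        # digit run: compare numerically, ignoring leading zeros
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and a[i].isdigit() and j < len(b) and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1                       # a has more digits, so it is larger
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return -1 if first_diff < 0 else 1
    return 0


def deb_version_cmp(a, b):
    """Compare two Debian package versions of the form [epoch:]upstream[-revision]."""
    def split(v):
        epoch, upstream = v.split(":", 1) if ":" in v else ("0", v)
        upstream, rev = upstream.rsplit("-", 1) if "-" in upstream else (upstream, "")
        return int(epoch), upstream, rev
    ea, ua, ra = split(a)
    eb, ub, rb = split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _verrevcmp(ua, ub) or _verrevcmp(ra, rb)


def deb_package_vulnerable(distro, installed):
    """True if the installed Debian/Ubuntu runc package predates the fixed one."""
    return deb_version_cmp(installed, DEB_FIXED[distro]) < 0


def docker_ce_vulnerable(version_text):
    """For Docker's own docker-ce packages: '18.06.1-ce' -> True, '18.09.2' -> False."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_text)
    return None if m is None else tuple(map(int, m.groups())) < DOCKER_CE_FIXED


def runc_upstream_in_affected_range(version_text):
    """Judge the upstream string printed by `runc --version`. Distribution
    builds backport the fix without changing this string, so True on a distro
    package only means: compare the package version with deb_package_vulnerable."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?(?:[-~.]?rc(\d+))?", version_text)
    if m is None:
        return None
    major, minor, _patch, rc = (int(g) if g else None for g in m.groups())
    if (major, minor) < (1, 0):
        return True                        # 0.x releases, e.g. Debian's 0.1.1
    if (major, minor) == (1, 0) and rc is not None and rc <= RUNC_LAST_AFFECTED_RC:
        return True                        # 1.0-rc1 .. 1.0-rc6
    return False                           # not in the advisory's affected range


def _run(cmd):
    try:
        return subprocess.run(cmd, capture_output=True, text=True, timeout=10).stdout
    except (OSError, subprocess.SubprocessError):
        return ""


if __name__ == "__main__":
    for cmd, judge in [(["runc", "--version"], runc_upstream_in_affected_range),
                       (["docker", "version", "--format", "{{.Server.Version}}"], docker_ce_vulnerable)]:
        out = _run(cmd)
        if out:
            print(" ".join(cmd), "->", out.strip().splitlines()[0], "-> affected:", judge(out))
    out = _run(["dpkg-query", "-W", "--showformat=${Version}", "runc"])
    if out:
        print("runc package", out.strip(), "-> compare with deb_package_vulnerable()")
```

The `runc --version` check is deliberately conservative: on Ubuntu the patched package still reports the upstream string 1.0.0~rc4, so that check alone would flag a fixed host. The package version, compared with the distribution's own ordering, is what decides.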
IV. References
MITRE
CVE-2019-5736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736
Openwall
CVE-2019-5736: runc container breakout (all versions)
https://www.openwall.com/lists/oss-security/2019/02/11/2
Github (Docker)
docker/docker-ce Release
https://github.com/docker/docker-ce/releases/tag/v18.09.2
AWS
Container Security Issue (CVE-2019-5736)
https://aws.amazon.com/jp/security/security-bulletins/AWS-2019-002/
Github (Azure)
AKS 2019-02-12 - Hotfix Release
https://github.com/Azure/AKS/releases/tag/2019-02-12
Kubernetes
Runc and CVE-2019-5736
https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/
Ubuntu
CVE-2019-5736 in Ubuntu
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-5736.html
Red Hat
runc - Malicious container escape - CVE-2019-5736
https://access.redhat.com/security/vulnerabilities/runcescape
JPCERT/CC
Regarding Privilege Escalation Vulnerability (CVE-2019-5736) in runc used by Docker, etc. (JAPANESE)
https://www.jpcert.or.jp/newsflash/2019021201.html
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-6271-8901 FAX: +81-3-6271-8908
https://www.jpcert.or.jp/english/