Breaking out of Docker via runC – Explaining CVE-2019-5736

Last week (2019-02-11) a new vulnerability in runC was reported by its maintainers, originally found by Adam Iwaniuk and Borys Poplawski. Dubbed CVE-2019-5736, it affects Docker containers running in default settings and can be used by an attacker to gain root-level access on the host. Aleksa Sarai, one of runC’s maintainers, found that the same …