VDB
DEBIAN-CVE-2019-5736
DEBIAN-CVE-2019-5736
PUBLISHED
CVSS 8.600000381469727 HIGH
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | lxc | 0, 0, 0 |
| Debian:11 | lxc | 0, 0, 0 |
| Debian:14 | runc | 0, 0, 0 |
| Debian:13 | lxc | 0, 0, 0 |
| Debian:12 | runc | 0, 0, 0 |
| Debian:11 | runc | 0, 0, 0 |
| Debian:13 | runc | 0, 0, 0 |
| Debian:14 | lxc | 0, 0, 0 |
Exploit Intelligence
- Billith/CVE-2019-5736-PoC (github-poc-repo)
- BBRathnayaka/POC-CVE-2019-5736 (github-poc-repo)
- CVE-2019-5736 POCs (github-poc-repo)
- Modified version of CVE-2019-5736-PoC by Frichetten (github-poc-repo)
- CVE-2019-5736 (github-poc-repo)
- Docker runc CVE-2019-5736 exploit Dockerfile. Credits : https://github.com/Frichetten/CVE-2019-5736-PoC.git (github-poc-repo)
- PoC for CVE-2019-5736 (github-poc-repo)
- takumak/cve-2019-5736-reproducer (github-poc-repo)
- si1ent-le/CVE-2019-5736 (github-poc-repo)
- In this project, we found a recent attack through the malicious container and implemented a security mechanism to stop it. (github-poc-repo)
…and 58 more exploits
Timeline
- Feb 11, 2019 CVE Published
- Apr 28, 2026 CVE Updated