![](https://img.photobucket.com/albums/v704/chanpicco/chanpicco014/Docker-runc0vul-Feb-2019_zps6jdpperr.jpg)
Preface: runc is a CLI tool for spawning and running containers according to the OCI specification.
Vulnerability: A vulnerability was found in runc that affects several open-source container management systems that leverage runc.
Impact: The vulnerability allows a malicious container to overwrite the host runc binary and thus gain root-level
code execution on the host. However, exploiting this vulnerability requires user interaction.
Remedy: See the official announcements:
Red Hat – https://access.redhat.com/security/vulnerabilities/runcescape
AWS – https://aws.amazon.com/security/security-bulletins/AWS-2019-002/