Docker (runc) – Malicious container escape – CVE-2019-5736 (11th Feb 2019)

Preface: runc is a CLI tool for spawning and running containers according to the OCI specification.

Vulnerability: A vulnerability was found in runc that affects several open-source container management systems that leverage runc.

Impact: The vulnerability allows a malicious container to overwrite the host runc binary and thus gain root-level
code execution on the host. Exploiting this vulnerability requires user interaction.
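Because the impact of this issue is an overwritten host runc binary, one practical host-side control is to compare the installed binary against a known-good checksum and alert on any mismatch. The script below is an added example for this advisory, not code from runc, Red Hat or AWS; the file name `runc`, the temporary directory and the baseline hash it computes are constructed for the demo, and in production the expected digest would come from your distribution's package metadata.

```shell
#!/bin/sh
# Added example: detect tampering with the host runc binary by checking its SHA-256
# against a baseline. Paths and digests here are placeholders / constructed demo data.

# Print only the hex SHA-256 digest of the file given as $1.
# Uses sha256sum (coreutils) when present, otherwise shasum (perl) as a fallback.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Compare the file at $1 with the expected digest $2.
# Returns 0 on match, 1 on mismatch (possible tampering), 2 if the file is missing.
check_binary_integrity() {
    path="$1"
    expected="$2"
    if [ ! -f "$path" ]; then
        echo "MISSING: $path" >&2
        return 2
    fi
    actual=$(file_sha256 "$path")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $path matches baseline $expected"
        return 0
    fi
    echo "MISMATCH: $path sha256=$actual expected=$expected" >&2
    return 1
}

# Demo using a constructed stand-in for /usr/bin/runc in a temporary directory.
demo() {
    tmp=$(mktemp -d)
    printf 'pretend runc binary, known-good build\n' > "$tmp/runc"
    baseline=$(file_sha256 "$tmp/runc")           # record the baseline once, after patching
    check_binary_integrity "$tmp/runc" "$baseline" || echo "unexpected failure" >&2
    printf 'extra bytes\n' >> "$tmp/runc"           # simulate the binary being overwritten
    check_binary_integrity "$tmp/runc" "$baseline" || echo "tamper detected, exit code $?"
    rm -rf "$tmp"
}

demo
```

Run `check_binary_integrity /usr/bin/runc <digest-from-your-package-manager>` from a cron job or your monitoring agent and page on a non-zero exit. On RPM- and dpkg-based hosts the same idea is available without maintaining your own baseline via `rpm -V runc` or `dpkg --verify`; whichever you use, refresh the baseline after applying the vendor fix, since a legitimate update also changes the digest.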

Remedy: See the official announcements:
Redhat – https://access.redhat.com/security/vulnerabilities/runcescape
AWS – https://aws.amazon.com/security/security-bulletins/AWS-2019-002/