cisco-sa-20190215-runc: Container Privilege Escalation Vulnerability Affecting Cisco Products: February 2019

First published: Fri Feb 15 2019(Updated: )

A vulnerability in the Open Container Initiative runc CLI tool used by multiple products could allow an unauthenticated, remote attacker to escalate privileges on a targeted system. The vulnerability exists because the affected software improperly handles file descriptors related to /proc/self/exe. An attacker could exploit the vulnerability either by persuading a user to create a new container using an attacker-controlled image or by using the docker exec command to attach into an existing container that the attacker already has write access to. A successful exploit could allow the attacker to overwrite the host's runc binary file with a malicious file, escape the container, and execute arbitrary commands with root privileges on the host system. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc

Credit: On February 12 2019 the runc maintainers publicly disclosed this vulnerability on the oss-sec mailing list. This announcement is at the following link: https://seclists.org/oss-sec/2019/q1/119.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/last-modified-date
• collector/cisco-advisory
• source/Cisco
• agent/type
• agent/severity
• agent/event
• agent/first-publish-date
• agent/author
• agent/title
• agent/references
• agent/description
• agent/trending
• agent/source
• agent/tags
• agent/softwarecombine
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/open container initiative
• canonical/opencontainers runc
• vendor/cisco
• canonical/cisco products