AVG-893 log
Package | lxc |
Status | Not affected |
Severity | High |
Type | privilege escalation |
Affected | 1:3.1.0-1 |
Fixed | Not affected |
Current | 1:6.0.2-1 [extra] |
Ticket | None |
Created | Tue Feb 12 00:05:59 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-5736 | High | Yes | Privilege escalation | A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... |
References |
---|
https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d https://linuxcontainers.org/lxc/security/ |
Notes |
---|
LXC is also impacted in a similar manner by this vulnerability, however as the LXC project considers privileged containers to be unsafe no CVE has been assigned for this issue for LXC. |