AVG-893 log
| Package | lxc |
| Status | Not affected |
| Severity | High |
| Type | privilege escalation |
| Affected | 1:3.1.0-1 |
| Fixed | Not affected |
| Current |
1:6.0.0-2 [extra-testing] 1:6.0.0-1 [extra] |
| Ticket | None |
| Created | Tue Feb 12 00:05:59 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-5736 | High | Yes | Privilege escalation | A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... |
| References |
|---|
https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d https://linuxcontainers.org/lxc/security/ |
| Notes |
|---|
LXC is also impacted in a similar manner by this vulnerability, however as the LXC project considers privileged containers to be unsafe no CVE has been assigned for this issue for LXC. |