runc

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description CLI tool for managing OCI compliant containers
Version 1.0.0rc9-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-878 1.0.0rc5+168+g079817cc-1 1.0.0rc6-1 High Fixed
AVG-134 0.1.1-4 1.0.0rc5+19+g69663f0b-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2019-5736 AVG-878 High Yes Privilege escalation
A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary...
CVE-2016-9962 AVG-134 High No Privilege escalation
The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows...

Advisories

Date Advisory Group Severity Description
11 Feb 2019 ASA-201902-6 AVG-878 High privilege escalation
16 May 2018 ASA-201805-11 AVG-134 High privilege escalation