https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/
More than a week ago (2019-02-11), the runC maintainers reported a new vulnerability. Tracked as CVE-2019-5736, it affects Docker containers running with default settings and can be used by an attacker to gain root-level access on the host. The same fundamental flaw exists in LXC.
Both runC and LXC were patched and new versions were released.
For more details, take a look at RunC-CVE-2019-5736/malicious_image_POC.
1 Comment
William Martial says:
This is something that needs attention.