Detections
Analytics
openSUSE Security Update : docker-runc (openSUSE-2019-201)
high Nessus Plugin ID 122301
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
This update for docker-runc fixes the following issues :Security issue fixed :
- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container breakout (bsc#1121967)
This update was imported from the SUSE:SLE-12:Update update project.
Solution
Update the affected docker-runc packages.See Also
Plugin Details
Severity: High
ID: 122301
File Name: openSUSE-2019-201.nasl
Version: 1.6
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 2/19/2019
Updated: 6/19/2024
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 10.0
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-5736
CVSS v3
Risk Factor: High
Base Score: 8.6
Temporal Score: 8.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:docker-runc-debuginfo, p-cpe:/a:novell:opensuse:docker-runc-kubic-test, p-cpe:/a:novell:opensuse:docker-runc-kubic-debugsource, p-cpe:/a:novell:opensuse:docker-runc-kubic, p-cpe:/a:novell:opensuse:docker-runc-kubic-debuginfo, p-cpe:/a:novell:opensuse:docker-runc, p-cpe:/a:novell:opensuse:docker-runc-debugsource, p-cpe:/a:novell:opensuse:docker-runc-test, cpe:/o:novell:opensuse:42.3
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/18/2019
Vulnerability Publication Date: 2/11/2019
Exploitable With
Metasploit (Docker Container Escape Via runC Overwrite)
Reference Information
CVE: CVE-2019-5736