CVE-2019-5736 allows a container-to-host escape in specific container configurations.
A new vulnerability (CVE-2019-5736) was recently announced in runc, the low-level container runtime underneath popular container platforms such as Docker and Kubernetes. The disclosure explains how a malicious container can escape its sandbox and execute arbitrary commands as root on the host. The attack does, however, come with caveats, and it is not exploitable in configurations that follow good security practices.
To exploit this vulnerability, an attacker needs a malicious or compromised container running on the host, and the root user (uid 0) inside that container must map to uid 0 on the host, which is the default whenever user namespaces are not in use. Docker's documentation covers user namespace configuration (userns-remap); applied correctly, it prevents the attack from being exploitable even on unpatched hosts. The malicious container then overwrites the host's runc binary. This happens either when the host runs the attacker's container image as root, or when an administrator later runs an unrelated command as root that invokes runc against a container the attacker already controls; the tampered binary then executes with the host's root privileges.
Many organizations use third-party prepackaged container images to meet business needs. An attacker could compromise one of these images with malicious code, or craft a malicious image that advertises itself as fulfilling some other needed enterprise function. This is the most likely way an external threat actor would get a rogue container deployed in an enterprise environment.
Red Hat, Debian, Amazon Web Services (AWS), Google Cloud Platform (GCP), Docker, NVIDIA, and Kubernetes have published blogs or security advisories with details of the vulnerability and the availability of fixed packages. Building container images in a controlled development environment, and scanning and hardening them before production deployment, reduces the likelihood of inadvertently deploying a malicious image. Also avoid running container processes as root whenever possible, since this vulnerability (like many container escapes) depends on uid 0 inside the container.
The disclosure by the researchers includes the following mitigations:
- Running SELinux in enforcing mode on the host prevents containers from overwriting the host runc binary. (Note that the researchers found this protection does not hold on Fedora-based hosts.)
- If the host runc binary is made read only (on a read-only filesystem or with an immutable attribute; ordinary permission bits do not stop a uid 0 process), a malicious container cannot overwrite it and the exploit fails.
- Running the container as a low-privileged user, or in a new user namespace where the container's uid 0 is mapped to an unprivileged host uid, removes write access to the runc binary on the host.
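The precondition in the paragraph on exploitation and the last mitigation above both come down to one question: does uid 0 inside the container map to uid 0 on the host? The following Python is an added example, not code from runc, Docker, or the original disclosure. It reads the answer from the kernel's /proc/<pid>/uid_map format (inside uid, outside uid, range length) and also checks whether Docker's daemon.json enables userns-remap. The uid_map and daemon.json contents embedded at the bottom are constructed samples; the paths in the main block are the standard locations and are read only when a PID is supplied.

```python
"""Audit the uid-0 precondition for CVE-2019-5736 on a Docker host.

Added example: not code from runc, Docker, or the original disclosure.
It checks the two things the mitigations above hinge on:

  1. whether uid 0 inside a container process maps to uid 0 on the host,
     read from the kernel's /proc/<pid>/uid_map (fields: inside-uid,
     outside-uid, length);
  2. whether the Docker daemon enables user namespace remapping through
     the "userns-remap" key in /etc/docker/daemon.json.

The uid_map and daemon.json contents at the bottom are constructed samples.
"""
import json
import sys
from typing import List, Optional, Tuple

UidMap = List[Tuple[int, int, int]]


def parse_uid_map(text: str) -> UidMap:
    """Parse uid_map text into (inside_uid, outside_uid, length) triples."""
    entries: UidMap = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed uid_map line: {line!r}")
        inside, outside, length = (int(f) for f in fields)
        if length <= 0:
            raise ValueError(f"non-positive range length: {line!r}")
        entries.append((inside, outside, length))
    return entries


def host_uid_for(entries: UidMap, inside_uid: int) -> Optional[int]:
    """Translate a uid seen inside the namespace to the host uid, or None if unmapped."""
    for inside, outside, length in entries:
        if inside <= inside_uid < inside + length:
            return outside + (inside_uid - inside)
    return None


def container_root_is_host_root(uid_map_text: str) -> bool:
    """True when the container's root is real root on the host: the exploitable case."""
    return host_uid_for(parse_uid_map(uid_map_text), 0) == 0


def docker_userns_remap_enabled(daemon_json_text: str) -> bool:
    """True when daemon.json sets a non-empty "userns-remap" ("default" or "user:group")."""
    cfg = json.loads(daemon_json_text) if daemon_json_text.strip() else {}
    return bool(cfg.get("userns-remap"))


def assess(uid_map_text: str, daemon_json_text: str) -> List[str]:
    """Return the findings that leave the host exposed; an empty list means neither applies."""
    findings = []
    if container_root_is_host_root(uid_map_text):
        findings.append("container uid 0 maps to host uid 0 (no user namespace remap)")
    if not docker_userns_remap_enabled(daemon_json_text):
        findings.append("Docker daemon.json does not enable userns-remap")
    return findings


# Constructed samples: an unremapped container (identity map over the
# whole uid space) and one started under userns-remap.
UID_MAP_NO_REMAP = "         0          0 4294967295\n"
UID_MAP_REMAPPED = "         0     100000      65536\n"
DAEMON_JSON_DEFAULT = "{}"
DAEMON_JSON_REMAP = '{"userns-remap": "default"}'


if __name__ == "__main__":
    if len(sys.argv) == 2:
        # Real check: python3 audit.py <pid of a process inside the container>
        with open(f"/proc/{sys.argv[1]}/uid_map") as f:
            uid_map = f.read()
        try:
            with open("/etc/docker/daemon.json") as f:
                daemon = f.read()
        except FileNotFoundError:
            daemon = "{}"
        print(assess(uid_map, daemon) or ["uid-0 precondition not met"])
    else:
        for label, m, d in (("unremapped", UID_MAP_NO_REMAP, DAEMON_JSON_DEFAULT),
                            ("remapped", UID_MAP_REMAPPED, DAEMON_JSON_REMAP)):
            print(label, assess(m, d) or ["uid-0 precondition not met"])
```

A uid_map of `0 0 4294967295` is the identity map the kernel shows for a process that is still in the initial user namespace, which is exactly the exploitable state; `0 100000 65536` is what a userns-remapped container shows, so its root is host uid 100000 and has no write access to the host's runc. The read-only-binary mitigation is a filesystem property (mount flags or an immutable attribute) rather than a uid mapping and is not covered by this script.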
Identifying affected systems
A list of Nessus plugins to identify this vulnerability will appear here as they’re released.
Get more information
- Dragon Sector Disclosure
- Docker Namespace Documentation
- Linux Namespace Explanation
- Red Hat Update Information
- Debian Update Information
- Amazon/AWS Update Information
- Google Update Information
- Docker Update Information
- Nvidia Update Information
- Kubernetes Update Information
Join Tenable's Security Response Team on the Tenable Community.