CVE-2019-16884

HIGH

runc <1.0.0-rc8 - Privilege Escalation


Description

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

References (15)

Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2019:3940
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4074
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2019:4269
Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202003-21
Third Party Advisory vendor-advisory
https://usn.ubuntu.com/4297-1/
Exploit, Issue Tracking, Third Party Advisory
https://github.com/opencontainers/runc/issues/2128

Scores

CVSS v3 7.5
EPSS 0.0032
EPSS Percentile 55.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-863
Status published
Products (22)
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.10
docker/docker < 19.03.2
fedoraproject/fedora 29
fedoraproject/fedora 30
fedoraproject/fedora 31
linuxfoundation/runc 1.0.0 rc1 (8 CPE variants)
linuxfoundation/runc 0.0.1 - 0.1.1
opencontainers/runc 0 - 1.0.0-rc8.0.20190930145003-cad42f6e0932 (Go)
opencontainers/selinux 0 - 1.3.1-0.20190929122143-5215b1806f52 (Go)
... and 12 more
Published Sep 25, 2019
Tracked Since Feb 18, 2026