CVE-2019-19921

HIGH

runc <1.0.0-rc9 - Privilege Escalation

Title source: llm
STIX 2.1

Description

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)

References (15)

Core 15
Core References
Broken Link, Mailing List, Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2020:0688
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2020:0695
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202003-21
Third Party Advisory vendor-advisory
https://usn.ubuntu.com/4297-1/
Issue Tracking, Patch, Third Party Advisory
https://github.com/opencontainers/runc/issues/2197
Issue Tracking, Third Party Advisory
https://github.com/opencontainers/runc/pull/2190

Scores

CVSS v3 7.0
EPSS 0.0046
EPSS Percentile 36.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-706
Status published
Products (10)
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.10
debian/debian_linux 9.0
debian/debian_linux 10.0
linuxfoundation/runc 1.0.0 rc1 (9 CPE variants)
linuxfoundation/runc < 0.1.1
opencontainers/runc 0 - 1.0.0-rc9.0.20200122160610-2fc03cc11c77Go
opensuse/leap 15.1
redhat/openshift_container_platform 4.1
redhat/openshift_container_platform 4.2
Published Feb 12, 2020
Tracked Since Feb 18, 2026