CVE-2019-19921

HIGH

runc <1.0.0-rc9 - Privilege Escalation

Title source: llm

Description

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)

References (15)

[Broken Link, Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00018.html

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2020:0688

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2020:0695

[Third Party Advisory] https://security.gentoo.org/glsa/202003-21

[Third Party Advisory] https://usn.ubuntu.com/4297-1/

[Mailing List] https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/

[Issue Tracking, Patch, Third Party Advisory] https://github.com/opencontainers/runc/issues/2197

[Issue Tracking, Third Party Advisory] https://github.com/opencontainers/runc/pull/2190

[Third Party Advisory] https://github.com/opencontainers/runc/releases

[Third Party Advisory] https://security-tracker.debian.org/tracker/CVE-2019-19921

Scores

CVSS v3 7.0

EPSS 0.0014

EPSS Percentile 33.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-706

Status published

Products (10)

canonical/ubuntu_linux 18.04

canonical/ubuntu_linux 19.10

debian/debian_linux 9.0

debian/debian_linux 10.0

linuxfoundation/runc 1.0.0 rc1 (9 CPE variants)

linuxfoundation/runc < 0.1.1

opencontainers/runc 0 - 1.0.0-rc9.0.20200122160610-2fc03cc11c77Go

opensuse/leap 15.1

redhat/openshift_container_platform 4.1

redhat/openshift_container_platform 4.2

Published Feb 12, 2020

Tracked Since Feb 18, 2026