mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 03:02:30 +00:00
9.2 KiB
9.2 KiB
CVE-2019-5736
Description
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
POC
Reference
- http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html
- http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html
- https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/
- https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/
- https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html
- https://github.com/Frichetten/CVE-2019-5736-PoC
- https://github.com/q3k/cve-2019-5736-poc
- https://github.com/rancher/runc-cve
- https://hackerone.com/reports/495495
- https://www.exploit-db.com/exploits/46359/
- https://www.exploit-db.com/exploits/46369/
Github
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xT11/CVE-POC
- https://github.com/0xZipp0/OSCP
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/43622283/awesome-cloud-native-security
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Alevsk/dvka
- https://github.com/Asbatel/CVE-2019-5736_POC
- https://github.com/BBRathnayaka/POC-CVE-2019-5736
- https://github.com/Billith/CVE-2019-5736-PoC
- https://github.com/BurlakaR/tpc
- https://github.com/C2ActiveThreatHunters/Awesome-Docker-Kubernetis-Containers-Vulnerabilities-and-Exploitation
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/ChristineEdgarse/Secrets6
- https://github.com/DataDog/dirtypipe-container-breakout-poc
- https://github.com/EvilAnne/2019-Read-article
- https://github.com/Frichetten/CVE-2019-5736-PoC
- https://github.com/GhostTroops/TOP
- https://github.com/GiverOfGifts/CVE-2019-5736-Custom-Runtime
- https://github.com/H3xL00m/CVE-2019-5736
- https://github.com/InesMartins31/iot-cves
- https://github.com/JERRY123S/all-poc
- https://github.com/JlSakuya/CVE-2022-0847-container-escape
- https://github.com/Keramas/Blowhole
- https://github.com/Lee-SungYoung/cve-2019-5736-study
- https://github.com/Ly0nt4r/OSCP
- https://github.com/Malamunza/Nvedia
- https://github.com/Malamunza/update2
- https://github.com/Mecyu/googlecontainers
- https://github.com/Meowmycks/OSCPprep-Cute
- https://github.com/Meowmycks/OSCPprep-Sar
- https://github.com/Meowmycks/OSCPprep-hackme1
- https://github.com/Metarget/awesome-cloud-native-security
- https://github.com/Metarget/cloud-native-security-book
- https://github.com/Metarget/k0otkit
- https://github.com/Metarget/metarget
- https://github.com/MrHyperIon101/docker-security
- https://github.com/NetW0rK1le3r/awesome-hacking-lists
- https://github.com/PercussiveElbow/docker-escape-tool
- https://github.com/PercussiveElbow/docker-security-checklist
- https://github.com/Petes77/Docker-Security
- https://github.com/Pray3r/cloud-native-security
- https://github.com/RClueX/Hackerone-Reports
- https://github.com/Retr0-ll/2023-littleTerm
- https://github.com/Retr0-ll/littleterm
- https://github.com/RyanNgWH/CVE-2019-5736-POC
- https://github.com/SamP10/BetDocker
- https://github.com/SexyBeast233/SecBooks
- https://github.com/ShadowFl0w/Cloud-Native-Security-Test
- https://github.com/SirElmard/ethical_hacking
- https://github.com/SunWeb3Sec/Kubernetes-security
- https://github.com/UCloudDoc-Team/uk8s
- https://github.com/UCloudDocs/uk8s
- https://github.com/aakashchauhn/Cloud-Pentest
- https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground
- https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground
- https://github.com/agppp/cve-2019-5736-poc
- https://github.com/aishee/DOCKER-2019-5736
- https://github.com/alenperic/HTB-TheNotebook
- https://github.com/atesemre/awesome-cloud-native-security
- https://github.com/b3d3c/poc-cve-2019-5736
- https://github.com/bitdefender/vbh_sample
- https://github.com/brant-ruan/awesome-container-escape
- https://github.com/brimstone/stars
- https://github.com/brompwnie/botb
- https://github.com/c0d3cr4f73r/CVE-2019-5736
- https://github.com/cdk-team/CDK
- https://github.com/chosam2/cve-2019-5736-poc
- https://github.com/cometkim/awesome-list
- https://github.com/crypticdante/CVE-2019-5736
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/czujsnn/docker_security
- https://github.com/dani-santos-code/kubecon_2023_prevent_cluster_takeover
- https://github.com/defgsus/good-github
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/epsteina16/Docker-Escape-Miner
- https://github.com/fahmifj/Docker-breakout-runc
- https://github.com/fenixsecurelabs/core-nexus
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/geropl/CVE-2019-5736
- https://github.com/h4ckm310n/Container-Vulnerability-Exploit
- https://github.com/hacking-kubernetes/hacking-kubernetes.info
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/heroku/bheu19-attacking-cloud-builds
- https://github.com/hktalent/TOP
- https://github.com/imhunterand/hackerone-publicy-disclosed
- https://github.com/iridium-soda/container-escape-exploits
- https://github.com/jakubkrawczyk/cve-2019-5736
- https://github.com/jas502n/CVE-2019-5736
- https://github.com/jbmihoub/all-poc
- https://github.com/jeansgit/Pentest
- https://github.com/k4u5h41/CVE-2019-5736
- https://github.com/kaosagnt/ansible-everyday
- https://github.com/kdada/imkira.com
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khu-capstone-design/kubernetes-vulnerability-investigation
- https://github.com/kindredgroupsec/venom
- https://github.com/likescam/CVE-2019-5736
- https://github.com/likescam/cve-2019-5736-poc
- https://github.com/lnick2023/nicenice
- https://github.com/loyality7/Awesome-Containers
- https://github.com/lp008/Hack-readme
- https://github.com/m4r1k/k8s_5g_lab
- https://github.com/manoelt/50M_CTF_Writeup
- https://github.com/marklindsey11/Docker-Security
- https://github.com/merlinepedra/K0OTKIT
- https://github.com/merlinepedra25/K0OTKIT
- https://github.com/milloni/cve-2019-5736-exp
- https://github.com/mrzzy/govware-2019-demos
- https://github.com/myugan/awesome-docker-security
- https://github.com/n3ov4n1sh/CVE-2019-5736
- https://github.com/neargle/my-re0-k8s-security
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/opencontainers-sec/go-containersec
- https://github.com/opencontainers/runc
- https://github.com/orgTestCodacy11KRepos110MB/repo-3574-my-re0-k8s-security
- https://github.com/oscpname/OSCP_cheat
- https://github.com/owen800q/Awesome-Stars
- https://github.com/panzouh/Docker-Runc-Exploit
- https://github.com/paulveillard/cybersecurity-docker-security
- https://github.com/phoenixvlabs/core-nexus
- https://github.com/phxvlabsio/core-nexus
- https://github.com/psifertex/ctf-vs-the-real-world
- https://github.com/pyperanger/dockerevil
- https://github.com/q3k/cve-2019-5736-poc
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/rancher/runc-cve
- https://github.com/readloud/Awesome-Stars
- https://github.com/reni2study/Cloud-Native-Security2
- https://github.com/revanmalang/OSCP
- https://github.com/runerx/Cloud-Native-Security-Test
- https://github.com/rustymagnet3000/container_playground
- https://github.com/sandbornm/HardenDocker
- https://github.com/saucer-man/exploit
- https://github.com/shen54/IT19172088
- https://github.com/si1ent-le/CVE-2019-5736
- https://github.com/source-xu/docker-vuls
- https://github.com/ssst0n3/docker_archive
- https://github.com/stillan00b/CVE-2019-5736
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/takumak/cve-2019-5736-reproducer
- https://github.com/tmawalt12528a/eggshell1
- https://github.com/tonybreak/CDK_bak
- https://github.com/twistlock/RunC-CVE-2019-5736
- https://github.com/twistlock/whoc
- https://github.com/txuswashere/OSCP
- https://github.com/txuswashere/Web-Pentesting
- https://github.com/veritas501/pipe-primitive
- https://github.com/vinci-3000/Cloud-Native-Security-Test
- https://github.com/waqeen/cyber_security21
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/xbl2022/awesome-hacking-lists
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xhref/OSCP
- https://github.com/y0shimitsugh0st84/ecape
- https://github.com/y0shimitsugh0st84/kap
- https://github.com/yyqs2008/CVE-2019-5736-PoC-2
- https://github.com/zhonghual1206/biyi-sealidentify
- https://github.com/zyriuse75/CVE-2019-5736-PoC