Exploit for #VU17474 Privilege escalation in runc

Vulnerability identifier: #VU17474

Vulnerability risk: Medium

CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2019-5736

CWE-ID: CWE-264

Exploitation vector: Local

Exploits in database: 6

• January 23, 2023
  • Docker-Vulnerabilities-CVE-2019-5736 (Docker container vulnerabilities exploiting CVE-2019-5736 ) [Github]
• June 30, 2021
  • Docker Container Escape Via runC Overwrite [Metasploit]
• June 17, 2021
  • runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2) [Exploit-DB]
• March 18, 2020
  • Docker-Runc-Exploit (Docker runc CVE-2019-5736 exploit Dockerfile. Credits : https://github.com/Frichetten/CVE-2019-5736-PoC.git) [Github]
  • Docker-Escape-Miner (Code sample for using exploit CVE-2019-5736 to mine bitcoin with no association to original container or user.) [Github]
  • CVE-2019-5736-Custom-Runtime (CVE-2019-5736 implemented in a self-written container runtime to understand the exploit.) [Github]

Vulnerable software:
runc
Client/Desktop applications / Other client software

Vendor: Open Container Initiative