
CVE-2019-5736: runc container breakout

Posted Feb 12, 2019 19:17 UTC (Tue) by NightMonkey (subscriber, #23051)
Parent article: CVE-2019-5736: runc container breakout

Could anyone care to speak about this vulnerability with regard to major cloud provider container implementations? I'm thinking AWS ECS (Fargate or otherwise), Google Cloud, etc. Thanks in advance.



CVE-2019-5736: runc container breakout

Posted Feb 12, 2019 21:44 UTC (Tue) by NightMonkey (subscriber, #23051) [Link]

Well, to start to answer my own quest:

https://aws.amazon.com/security/security-bulletins/AWS-20...

CVE-2019-5736: runc container breakout

Posted Feb 13, 2019 22:35 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

Amazon doesn't use Docker containers to isolate different tenants. Even Fargate and Lambda use full-scale virtualization for isolation, so that your data won't leak into other users' accounts.

If you run untrusted containers then your account is vulnerable. But why would you do this?

