Mageia alert MGASA-2019-0068 (opencontainers-runc)

From:
             
 
Mageia Updates <buildsystem-daemon@mageia.org> 
To:
             
 
updates-announce@ml.mageia.org 
Subject:
             
 
[updates-announce] MGASA-2019-0068: Updated opencontainers-runc packages fix security vulnerability 
Date:
             
 
Wed, 13 Feb 2019 12:09:24 +0100
Message-ID:
             
 
<20190213110924.3A0499F8C0@duvel.mageia.org>
MGASA-2019-0068 - Updated opencontainers-runc packages fix security vulnerability

Publication date: 13 Feb 2019
URL: https://advisories.mageia.org/MGASA-2019-0068.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2019-5736

Description:
Not using pivot_root(2) leaves the host /proc around in the mount namespace
so that it is possible to mount another /proc without any other submount,
even if /proc in the container is not fully visible. This flaw allows an
attacker to read and modify some parts of the Linux kernel memory
(rhbz#1663068).

runc through 1.0-rc6 allows attackers to overwrite the host runc binary
(and consequently obtain host root access) by leveraging the ability to
execute a command as root within one of these types of containers: a new
container with an attacker-controlled image, or an existing container, to
which the attacker previously had write access, that can be attached with
docker exec. This occurs because of file-descriptor mishandling, related
to /proc/self/exe (CVE-2019-5736).

References:
- https://bugs.mageia.org/show_bug.cgi?id=24253
-
https://lists.fedoraproject.org/archives/list/package-ann...
- https://www.openwall.com/lists/oss-security/2019/02/11/2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736

SRPMS:
- 6/core/opencontainers-runc-1.0.0rc5-3.2.mga6