runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-12T00:00:00
Updated: 2023-08-16T00:00:00
Reserved: 2019-12-22T00:00:00
Link: CVE-2019-19921
JSON object: View
NVD Information
Status : Modified
Published: 2020-02-12T15:15:12.210
Modified: 2023-11-07T03:07:52.063
Link: CVE-2019-19921
JSON object: View
Redhat Information
No data.
CWE