Allele Security Alert
ASA-2019-00073
Identifier(s)
ASA-2019-00073, CVE-2019-5736
Title
Execution of malicious containers allows for container escape and access to host filesystem
Vendor(s)
Open Container Initiative
Product(s)
runC
Affected version(s)
All supported versions of runC
Fixed version(s)
Versions with the following commit:
https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
Proof of concept
Yes
Description
The vulnerability allows a malicious container to (with minimal user interaction) overwrite the host runC binary and thus gain root-level code execution on the host. The level of user interaction is being able to run any command (it doesn’t matter if the command is not attacker-controlled) as root within a container in either of these contexts:
- Creating a new container using an attacker-controlled image.
- Attaching (docker exec) into an existing container which the attacker had previous write access to.
Technical details
It has been discovered that an attacker can compromise the runC host binary from inside a privileged runC container. As a result, this could be exploited to gain root access on the host. runC is used as the default runtime for containers with Docker, containerd, Podman, and CRI-O.
The attack can be made when attaching to a running container or when starting a container running a specially crafted image. For example, when runC attaches to a container the attacker can trick it into executing itself. This could be done by replacing the target binary inside the container with a custom binary pointing back at the runC binary itself. As an example, if the target binary was /bin/bash, this could be replaced with an executable script specifying the interpreter path #!/proc/self/exe (/proc/self/exec is a symbolic link created by the kernel for every process which points to the binary that was executed for that process). As such when /bin/bash is executed inside the container, instead the target of /proc/self/exe will be executed – which will point to the runc binary on the host. The attacker can then proceed to write to the target of /proc/self/exe to try and overwrite the runC binary on the host. However in general, this will not succeed as the kernel will not permit it to be overwritten whilst runC is executing. To overcome this, the attacker can instead open a file descriptor to /proc/self/exe using the O_PATH flag and then proceed to reopen the binary as O_WRONLY through /proc/self/fd/<nr> and try to write to it in a busy loop from a separate process. Ultimately it will succeed when the runC binary exits. After this the runC binary is compromised and can be used to attack other containers or the host itself.
This attack is only possible with privileged containers since it requires root privilege on the host to overwrite the runC binary. Unprivileged containers with a non-identity ID mapping do not have the permission to write to the host binary and therefore are unaffected by this attack.
Credits
Adam Iwaniuk and Borys Popławski
Reference(s)
CVE-2019-5736: runc container breakout (all versions)
https://seclists.org/oss-sec/2019/q1/119
CVE-2019-5736 – Red Hat Customer Portal
https://access.redhat.com/security/cve/cve-2019-5736
CVE-2019-5736 (runC): rexec callers as memfd
https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d
nsenter: clone /proc/self/exe to avoid exposing host binary to container
https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
CVE-2019-5736
https://github.com/feexd/pocs/tree/master/CVE-2019-5736
Breaking out of Docker via runC – Explaining CVE-2019-5736
https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/
CVE-2019-5736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736
CVE-2019-5736
https://nvd.nist.gov/vuln/detail/CVE-2019-5736
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: June 14, 2019