ALAS-2019-1156


Amazon Linux AMI Security Advisory: ALAS-2019-1156
Advisory Release Date: 2019-02-11 16:26 Pacific
Severity: Important
References: CVE-2019-5736 

Issue Overview:

A vulnerability was discovered in runc, which is used by Docker to run containers. runc did not prevent container processes from modifying the runc binary via /proc/self/exe. A malicious container could replace the runc binary, resulting in container escape and privilege escalation. This was fixed by creating a per-container copy of runc. (CVE-2019-5736)


Affected Packages:

docker


Issue Correction:
Run yum update docker to update your system.

New Packages:
src:
    docker-18.06.1ce-7.25.amzn1.src

x86_64:
    docker-debuginfo-18.06.1ce-7.25.amzn1.x86_64
    docker-18.06.1ce-7.25.amzn1.x86_64
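
To confirm the update took effect across a fleet, the following added example (not part of the advisory and not Amazon's code) compares each host's installed docker build against the fixed build listed above, using rpm's segment-wise version ordering rather than plain string comparison. It assumes the input was collected with rpm -q --qf '%{VERSION}-%{RELEASE}\n' docker, ignores epoch and the ~ and ^ markers, and uses constructed host names and builds.

```python
import re

# Fixed docker build named in this advisory (VERSION-RELEASE, no arch).
FIXED = "18.06.1ce-7.25.amzn1"
_SEGMENTS = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Compare two version (or release) strings the way rpm does, minus ~ and ^."""
    sa, sb = _SEGMENTS.findall(a), _SEGMENTS.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):              # more digits means a larger number
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def is_fixed(installed, fixed=FIXED):
    """True when installed VERSION-RELEASE is at or above the advisory's build."""
    iv, ir = installed.rsplit("-", 1)
    fv, fr = fixed.rsplit("-", 1)
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) >= 0

def hosts_needing_update(inventory):
    """inventory: lines of '<host> <VERSION-RELEASE>'; returns hosts below FIXED."""
    pending = []
    for line in inventory.strip().splitlines():
        host, evr = line.split()
        if not is_fixed(evr):
            pending.append(host)
    return pending

# Constructed sample inventory (hypothetical hosts and older/newer builds).
SAMPLE = """
build-01 18.06.1ce-7.25.amzn1
build-02 18.06.1ce-7.24.amzn1
batch-01 17.12.1ce-1.129.amzn1
batch-02 18.06.1ce-7.100.amzn1
"""

if __name__ == "__main__":
    for host in hosts_needing_update(SAMPLE):
        print(f"{host}: run 'yum update docker'")
```

The batch-02 entry shows why a plain string comparison is not enough: release 7.100 sorts below 7.25 as text but is the newer build.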