CVE-2019-5736 - Escape from Docker and Kubernetes containers to root on host

This scenario demos has been taken from https://github.com/Frichetten/CVE-2019-5736-PoC. Thanks to Nick Frichette

This is a Go implementation of CVE-2019-5736, a container escape for Docker. The exploit works by overwriting and executing the host systems runc binary from within the container.

How does the exploit work?

Example of malicious Docker image

References

• CVE-2019-5736: runc container breakout exploit code
• CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host
• CVE-2019-5736-PoC