Docker Security Update: CVE-2018-5736 and Container Security Best Practices



  • On Monday, February 11, Docker released an update to fix a privilege escalation vulnerability (CVE-2019-5736) in runC, the Open Container Initiative (OCI) runtime specification used in Docker Engine and containerd. This vulnerability makes it possible for a malicious actor that has created a specially-crafted container image to gain administrative privileges on the host. Docker engineering worked with runC maintainers on the OCI to issue a patch for this vulnerability. Docker recommends immediately applying the update to avoid any potential security threats. For Docker Engine-Community, this means updating to 18.09.2 or 18.06.2. For Docker Engine- Enterprise, this means updating to 18.09.2, 18.03.1-ee-6, or 17.06.2-ee-19. Read the release notes before applying the update due to specific instructions for Ubuntu and RHEL operating systems. Summary of the Docker Engine versions that address the vulnerability:   Docker Engine Community Docker Engine Enterprise 18.09.2 18.09.2 18.06.2 18.03.1-ee-6 17.06.2-ee-19 To better protect Continue reading...

    The post Docker Security Update: CVE-2018-5736 and Container Security Best Practices appeared first on Docker Blog.



    https://blog.docker.com/2019/02/docker-security-update-cve-2018-5736-and-container-security-best-practices/

 

© Lightnetics 2019