- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Detect modifications to the runc
binary outside of the normal package management lifecycle.
CVE-2019-5736, a vulnerability in runc
through version 1.0-rc6 could allow attackers to overwrite the host runc
binary, which allows the attacker to effectively escape a running container, and gain root access on the underlying host.
Any modifications to runc
(outside of standard package management upgrades) could be exploiting this vulnerability to gain root access to the system.
runc
binary.runc
to a version above 1.0-rc6 (or Docker 18.09.2 and above).Requires Agent version 7.27 or greater