CVE-2020-14298

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected.

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected.

La versión de Docker según lo publicado para Red Hat Enterprise Linux 7 Extras por medio del aviso RHBA-2020:0053 incluía una versión incorrecta de runc que no tenía la corrección para CVE-2019-5736, que se corrigió previamente por medio de RHSA-2019:0304. Este problema podría permitir a un contenedor malicioso o comprometido comprometer el host del contenedor y otros contenedores que se ejecutan en el mismo host. Este problema solo afecta a la versión 1.13.1-108.git4ef4b30.el7 de docker, incluida en Red Hat Enterprise Linux 7 Extras. Las versiones anteriores y posteriores no están afectadas