On Monday, February 11, 2019, critical vulnerability, CVE-2019-5736, was announced for Docker.
- Your Kubernetes Cluster
While CloudBees does not provide Kubernetes support; we do realize many of our customers may have questions about this CVE and look to us for guidance and direction. This article offers our recommendations and provides links to additional resources.
Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host.
CloudBees recommends customers follow the recommendations provided by Kubernetes to mitigate the risk.
Kubernetes Recommendation for CVE-2019-5736
CloudBees Customers using GKE or EKS should follow the recommended guidelines provided by their provider links below.
Here are links to security bulletins for GKE and EKS.