Can you please provide an update as to when you predict a detection for this new cve?
oss-security - CVE-2019-5736: runc container breakout (all versions)
See the RunC Container Breakout Vulnerability blog post.
I can confirm we have a detection in the works.
I see four QID's have been added today:
Thanks for the quick turnaround on the detection and the quick answer!
There is no mention of Qualys accounting for SELinux in enforing mode as a mitigation. Can someone confirm if Qualys is checking for that? I have hosts that Qualys is flagging as vulnerable; however, I am told we have SELinux in enforing mode. Per Red Hat, the vulnerability is mitigated when SELinux is in enforcing mode:
runc - Malicious container escape - CVE-2019-5736 - Red Hat Customer Portal
See the reply to your blog post comment.
Awesome, thank you for the follow up Robert!
Retrieving data ...