Researchers Warn of Malicious Container Escape Vulnerability

Container technology led by the Docker engine has become increasingly popular in recent years, as a way to build and deploy applications into isolated segments, on top of a server operating system.  At the core of the modern container technology stack is a low-level component known as runc, which spawns and runs containers. The new CVE-2019-5736 vulnerability is a flaw in runc that could enable a malicious container to escape the confines of its isolated process segment.