Government of the Republic of Trinidad and Tobago                                                                                                                                        


TTCSIRT-200.022119: TT-CSIRT Advisory – VMware Security Updates

20th February 2019

VMWare has released a security update stating that it has discovered a runc container runtime vulnerability for VMware Integrated OpenStack with Kubernetes (VIO-K), VMware PKS (PKS), VMware vCloud Director Container Service Extension (CSE) and vSphere Integrated Containers (VIC).

Successful exploitation of this issue may allow an attacker to overwrite the contents of a host’s runc binary and execute arbitrary code.

Further information on this vulnerability and how it can be mitigated can be found on the VMware Website at