TTCSIRT-200.022119: TT-CSIRT Advisory – VMware Security Updates

TTCSIRT-200.022119: TT-CSIRT Advisory – VMware Security Updates

VMWare has released a security update stating that it has discovered a runc container runtime vulnerability for VMware Integrated OpenStack with Kubernetes (VIO-K), VMware PKS (PKS), VMware vCloud Director Container Service Extension (CSE) and vSphere Integrated Containers (VIC).

Successful exploitation of this issue may allow an attacker to overwrite the contents of a host’s runc binary and execute arbitrary code.

Further information on this vulnerability and how it can be mitigated can be found on the VMware Website at https://www.vmware.com/security/advisories/VMSA-2019-0001.html