How it was Discovered:

On February 11th, a critical vulnerability in runC binary was released. According to Aleksa Sarai, a SUSE container senior software engineer and a runC maintainer, security researchers Adam Iwaniuk and Borys Popławski discovered the vulnerability. As published in  NIST National Vulnerability Database (NVD) “The vulnerability allows attackers to overwrite the host runC binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers:

https://blog.checkpoint.com/2019/02/13/dont-runc-how-to-mitigate-cve-2019-5736/