Back to search
CVE-2016-9962
Published: Jan 31, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
95361
vdb-entry
x_refsource_BID
https://github.com/docker/docker/releases/tag/v1.12.6
x_refsource_CONFIRM
RHSA-2017:0116
vendor-advisory
x_refsource_REDHAT
20170111 Re: [oss-security] Docker 1.12.6 - Security Advisory
mailing-list
x_refsource_FULLDISC
FEDORA-2017-fcd02e2c2d
vendor-advisory
x_refsource_FEDORA
https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6
x_refsource_CONFIRM
GLSA-201701-34
vendor-advisory
x_refsource_GENTOO
RHSA-2017:0123
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0127
vendor-advisory
x_refsource_REDHAT
FEDORA-2017-c2c2d1be16
vendor-advisory
x_refsource_FEDORA
https://access.redhat.com/security/vulnerabilities/cve-2016-9962
x_refsource_CONFIRM
FEDORA-2017-dbc2b618eb
vendor-advisory
x_refsource_FEDORA
FEDORA-2017-0200646669
vendor-advisory
x_refsource_FEDORA
20170111 Re: [oss-security] Docker 1.12.6 - Security Advisory
mailing-list
x_refsource_BUGTRAQ
20170110 Docker 1.12.6 - Security Advisory
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now