vulnerability
Docker: CVE-2016-9962: runC privilege escalation
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:L/AC:M/Au:M/C:C/I:C/A:C) | 01/31/2017 | 05/04/2017 | 01/28/2025 |
Description
Race condition in Docker Engine before 1.12.6 might allow local root users in a container to gain privileges by using ptrace to access file-descriptors of a process launched or moved into the container from another namespace, aka an "on-entry vulnerability."
Solution
docker-cve-2016-9962-1
References
- BID-95361
- CVE-2016-9962
- https://attackerkb.com/topics/CVE-2016-9962
- http://seclists.org/fulldisclosure/2017/Jan/21
- http://seclists.org/fulldisclosure/2017/Jan/29
- http://www.securityfocus.com/archive/1/archive/1/540001/100/0/threaded
- http://www.securityfocus.com/bid/95361
- https://access.redhat.com/security/vulnerabilities/cve-2016-9962
- https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6
- https://github.com/docker/docker/releases/tag/v1.12.6
- https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK/
- https://security.gentoo.org/glsa/201701-34
