
CVE-2016-9962
Date: (C)2017-02-02   (M)2023-12-22


RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score: 6.4
Exploit Score: 0.5
Impact Score: 5.9

CVSS V3 Metrics:
Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

CVSS V2 Severity:
CVSS Score: 4.4
Exploit Score: 3.4
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://seclists.org/fulldisclosure/2017/Jan/21
http://www.securityfocus.com/archive/1/540001/100/0/threaded
BID-95361
FEDORA-2017-0200646669
FEDORA-2017-c2c2d1be16
FEDORA-2017-dbc2b618eb
FEDORA-2017-fcd02e2c2d
GLSA-201701-34
RHSA-2017:0116
RHSA-2017:0123
RHSA-2017:0127
https://access.redhat.com/security/vulnerabilities/cve-2016-9962
https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6
https://github.com/docker/docker/releases/tag/v1.12.6
https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5

CPE    1
cpe:/a:docker:docker
CWE    1
CWE-362
OVAL    13
oval:org.secpod.oval:def:111877
oval:org.secpod.oval:def:111883
oval:org.secpod.oval:def:111903
oval:org.secpod.oval:def:111918
...

© SecPod Technologies