cpe:/a:docker:docker:1.11.0 cpe:/a:docker:docker:1.11.1 cpe:/a:docker:docker:1.11.2 cpe:/a:docker:docker:1.12.0 cpe:/a:docker:docker:1.12.1 cpe:/a:docker:docker:1.12.2 cpe:/a:docker:docker:1.12.3 cpe:/a:docker:docker:1.12.4 cpe:/a:docker:docker:1.12.5 CVE-2016-9962 2017-01-31T17:59:01.783-05:00 2018-10-09T16:01:00.837-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2017-12-08T10:25:38.507-05:00 FULLDISC 20170110 Docker 1.12.6 - Security Advisory BUGTRAQ 20170111 Re: [oss-security] Docker 1.12.6 - Security Advisory BID 95361 FEDORA FEDORA-2017-0200646669 FEDORA FEDORA-2017-c2c2d1be16 FEDORA FEDORA-2017-dbc2b618eb FEDORA FEDORA-2017-fcd02e2c2d GENTOO GLSA-201701-34 REDHAT RHSA-2017:0116 REDHAT RHSA-2017:0123 REDHAT RHSA-2017:0127 CONFIRM https://access.redhat.com/security/vulnerabilities/cve-2016-9962 CONFIRM https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6 CONFIRM https://github.com/docker/docker/releases/tag/v1.12.6 CONFIRM https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5 RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.