6.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
27.6%
RunC allowed additional container processes via ‘runc exec’ to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | docker.io | < 1.13.1~ds1-2 | docker.io_1.13.1~ds1-2_all.deb |
Debian | 11 | all | docker.io | < 1.13.1~ds1-2 | docker.io_1.13.1~ds1-2_all.deb |
Debian | 10 | all | docker.io | < 1.13.1~ds1-2 | docker.io_1.13.1~ds1-2_all.deb |
Debian | 999 | all | docker.io | < 1.13.1~ds1-2 | docker.io_1.13.1~ds1-2_all.deb |
Debian | 13 | all | docker.io | < 1.13.1~ds1-2 | docker.io_1.13.1~ds1-2_all.deb |
Debian | 12 | all | runc | < 0.1.1+dfsg1-2 | runc_0.1.1+dfsg1-2_all.deb |
Debian | 11 | all | runc | < 0.1.1+dfsg1-2 | runc_0.1.1+dfsg1-2_all.deb |
Debian | 10 | all | runc | < 0.1.1+dfsg1-2 | runc_0.1.1+dfsg1-2_all.deb |
Debian | 999 | all | runc | < 0.1.1+dfsg1-2 | runc_0.1.1+dfsg1-2_all.deb |
Debian | 13 | all | runc | < 0.1.1+dfsg1-2 | runc_0.1.1+dfsg1-2_all.deb |
6.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
27.6%