docker: insecure opening of file-descriptor allows privilege escalation

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Moderate: Red Hat Security Advisory: docker-latest security, bug fix, and enhancement update

An update for docker-latest is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

docker: insecure opening of file-descriptor allows privilege escalation

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Moderate: Red Hat Security Advisory: docker security, bug fix, and enhancement update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Fedora Update for docker-latest FEDORA-2017-fcd02e2c2d

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : 2:docker-latest (2017-fcd02e2c2d)

Fix CVE-2016-9962 - Insecure opening of file-descriptor allows privilege escalation ---- built docker @projectatomic/docker-1.12 commit 6009905 ---- built docker @projectatomic/docker-1.12 commit 97974ae ---- built docker @projectatomic/docker-1.12 commit 7b5044b Note that Tenable Network Securit...

[SECURITY] Fedora 25 Update: docker-latest-1.12.6-2.git51ef5a8.fc25

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

CVE-2016-9962

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

[SECURITY] Fedora 25 Update: docker-1.12.6-3.git51ef5a8.fc25

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

docker-engine docker-engine-selinux security and bugfix update

1.12.6-1.0.1 - Enable configuration of Docker daemon via sysconfig orabug 21804877 - Require UEK4 for docker 1.9 orabug 22235639 22235645 - Add docker.conf for prelink orabug 25147708 1.12.6 - the systemd unit file /usr/lib/systemd/system/docker.service contains local changes, or - a systemd...

Fedora 25 : 2:docker (2017-dbc2b618eb)

Fix CVE-2016-9962 Insecure opening of file-descriptor allows privilege Fix BZ1412148 - containerd: container did not start before the specified timeout ---- use container-selinux = 2:2.0-2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

[ASA-201701-19] docker: privilege escalation

Arch Linux Security Advisory ASA-201701-19 ========================================== Severity: High Date : 2017-01-13 CVE-ID : CVE-2016-9962 Package : docker Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-133 Summary ======= The package docker before version...

Fedora Update for docker FEDORA-2017-dbc2b618eb

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: Red Hat Mobile Application Platform 4.2.1 Security Update - SDKs and RPMs

Updated packages that provide Red Hat Mobile Application Platform 4.2.1, fixed several bugs, and added various enhancements that are now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste...

Docker Engine Detection (Linux/Unix SSH Login)

SSH login-based detection of Docker Engine. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : docker (ALAS-2017-783)

It was discovered that runC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization, which can lead to...

Docker < 1.12.6 Local Privilege Escalation Vulnerability

Docker is prone to a local privilege escalation vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

Important: docker

Issue Overview: It was discovered that runC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization,...

Docker Swarmki Local Denial of Service Vulnerability

Docker is an open source application container engine from Docker Inc. that supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrade of applications through configuration file...

Design/Logic Flaw

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...