2120 matches found
CVE-2016-9962
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...
CVE-2016-9962
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...
CVE-2016-9962
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...
CVE-2016-9962
The CVE-2016-9962 issue affects RunC (runc) where the runc exec feature allowed additional container processes to be ptraced by the container’s pid 1. Under root, this enabled access to the new processes’ file descriptors during initialization, creating the possibility of container escape or modi...
PT-2017-4094 · Open Container Initiative +3 · Runc +3
Name of the Vulnerable Software and Affected Versions: runc affected versions not specified Description: The issue is related to a flaw in tracking additional container processes using the container's pid 1, which can be exploited to gain access to sensitive data, compromise data integrity, and...
Security fix for the ALT Linux 10 package runc version 1.0.0-alt2.gitc91b5be
Jan. 23, 2017 Vladimir Didenko 1.0.0-alt2.gitc91b5be - New version. - Fixes CVE-2016-9962...
Security fix for the ALT Linux 8 package runc version 1.0.0-alt2.gitc91b5be
Jan. 23, 2017 Vladimir Didenko 1.0.0-alt2.gitc91b5be - New version. - Fixes CVE-2016-9962...
Fedora Update for runc FEDORA-2017-0200646669
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 25 Update: runc-1.0.0-3.rc2.gitc91b5be.fc25
The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...
Fedora 25 : 1:runc (2017-0200646669)
Resolves: 1412238 - CVE-2016-9962 - set init processes as non-dumpable, ---- patch to enable seccomp ---- bump to 1.0.0 rc2 ---- Resolves: 1342707 - bump to v1.0.0-rc1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
Docker Patches Privilege Escalation Vulnerability
Docker has patched a privilege escalation vulnerability CVE-2016-9962 that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container. The vulnerability is rated high severity by some Linux distributions such as Arch Linux, which traces the problem t...
Oracle Linux 6 / 7 : docker-engine / docker-engine-selinux (ELSA-2017-3511)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3511 advisory. - Fix runC privilege escalation CVE-2016-9962 - Fix ambient capability usage in containers CVE-2016-8867 27610 Tenable has extracted the preceding descripti...
RHEL 7 : docker (RHSA-2017:0116)
An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
RHEL 7 : runc (RHSA-2017:0127)
An update for runc is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
RHEL 7 : docker-latest (RHSA-2017:0123)
An update for docker-latest is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: runc security and bug fix update
An update for runc is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
docker: insecure opening of file-descriptor allows privilege escalation
The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...
docker: insecure opening of file-descriptor allows privilege escalation
The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...
docker: insecure opening of file-descriptor allows privilege escalation
The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...
Moderate: Red Hat Security Advisory: docker security, bug fix, and enhancement update
An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...