CVE-2016-9962 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Privilege escalation
Description	The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can, depending on the nature of the incoming process, leverage this to elevate access to the host. This ranges from accessing host content through the file descriptors of the incoming process to, potentially, a complete container escape by leveraging memory access or syscall interception.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-134	runc	0.1.1-4	1.0.0rc5+19+g69663f0b-1	High	Fixed
AVG-133	docker	1:1.12.5-1	1:1.12.6-1	High	Fixed	FS#52493

Date	Advisory	Group	Package	Severity	Type
16 May 2018	ASA-201805-11	AVG-134	runc	High	privilege escalation
13 Jan 2017	ASA-201701-19	AVG-133	docker	High	privilege escalation

References
https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5 https://bugzilla.suse.com/show_bug.cgi?id=1012568 https://github.com/docker/docker/compare/v1.12.5...v1.12.6 https://www.mail-archive.com/fulldisclosure@seclists.org/msg04165.html

References

https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5
https://bugzilla.suse.com/show_bug.cgi?id=1012568
https://github.com/docker/docker/compare/v1.12.5...v1.12.6
https://www.mail-archive.com/fulldisclosure@seclists.org/msg04165.html