Project

General

Profile

Bug #6672

[3.5] docker: insecure opening of file-descriptor allows privilege escalation (CVE-2016-9962)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Start date:
01/12/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

RunC allowed additional container processes via `runc exec` to be ptraced by the pid 1 of the container.
This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new
processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

Fixed In Version:

docker 1.12.6

Reference:

http://seclists.org/oss-sec/2017/q1/54

Associated revisions

Revision 73e309f3 (diff)
Added by Natanael Copa over 2 years ago

community/docker: security upgrade to 1.12.6 (CVE-2016-9962)

fixes #6672

History

#1 Updated by Natanael Copa over 2 years ago

  • Target version changed from 3.5.0 to 3.5.1

#2 Updated by Natanael Copa over 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#3 Updated by Alicha CH over 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF