Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2016-9962

It was discovered that runC allowed additional container processes via `runc exec` to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization, which can lead to container escapes or modification of runC state before the process is fully placed inside the container.

Source

ALAS-2017-783

Amazon Linux AMI Security Advisory: ALAS-2017-783
Advisory Release Date: 2017-01-10 18:00 Pacific
Advisory Updated Date: 2017-01-10 18:00 Pacific

Severity: Important

References: CVE-2016-9962

Issue Overview:

It was discovered that runC allowed additional container processes via `runc exec` to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization, which can lead to container escapes or modification of runC state before the process is fully placed inside the container.

Affected Packages:

docker

Issue Correction:
Run yum update docker to update your system.

New Packages:

noarch:
    docker-devel-1.12.6-1.17.amzn1.noarch
    docker-pkg-devel-1.12.6-1.17.amzn1.noarch

src:
    docker-1.12.6-1.17.amzn1.src

x86_64:
    docker-1.12.6-1.17.amzn1.x86_64
    docker-debuginfo-1.12.6-1.17.amzn1.x86_64

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2017-783

ALAS-2017-783

Vulmon Search

About

Products

Connect