Published: 31/01/2017 Updated: 07/11/2023

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

CVSS v3 Base Score: 6.4 | Impact Score: 5.9 | Exploitability Score: 0.5

VMScore: 392

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

Vulnerable Product	Search on Vulmon	Subscribe to Product
docker docker

Debian Bug report logs - #850951 CVE-2016-9962 Package: src:runc; Maintainer for src:runc is Debian Go Packaging Team <pkg-go-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 11 Jan 2017 15:24:01 UTC Severity: grave Tags: security, upstream Found in version runc/011 ...

Synopsis Moderate: runc security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for runc is now available for Red Hat Enterprise Linux 7 ExtrasRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) b ...

Synopsis Moderate: docker-latest security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for docker-latest is now available for Red Hat Enterprise Linux 7 ExtrasRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulne ...

Synopsis Moderate: docker security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for docker is now available for Red Hat Enterprise Linux 7 ExtrasRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scori ...

Synopsis Important: docker security update Type/Severity Security Advisory: Important Topic An update for docker is now available for Red Hat Enterprise Linux 7 ExtrasRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base s ...

It was discovered that runC allowed additional container processes via `runc exec` to be ptraced by the pid 1 of the container This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization, which can lead to container escapes or modification of runC state be ...

The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization An attacker can, depending on the nature of the incoming process, l ...

WorldFirst (Public) Docker API Exploit - My security researches involving Docker and Openshift

dockerevil A simple repository to store my security flaws in the docker technology 2016 - 2017 Docker API Privilege Escalation(LPE/RPE) Escalate from Offline Server/Minimal Images/Build from TAR Dockerfile Docker SUDO Privilege Escalation (PoC) Nmap Scripts 2019 CodeStudent1995 Based Exploit OpenShift Privilege Escalation(oc) Other awesome security flaws found in the do

CWE-362 https://security.gentoo.org/glsa/201701-34 https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5 https://github.com/docker/docker/releases/tag/v1.12.6 https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6 https://access.redhat.com/security/vulnerabilities/cve-2016-9962 http://seclists.org/fulldisclosure/2017/Jan/29 http://seclists.org/fulldisclosure/2017/Jan/21 http://www.securityfocus.com/bid/95361 http://rhn.redhat.com/errata/RHSA-2017-0127.html http://rhn.redhat.com/errata/RHSA-2017-0123.html http://rhn.redhat.com/errata/RHSA-2017-0116.html http://www.securityfocus.com/archive/1/540001/100/0/threaded https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850951 https://nvd.nist.gov https://github.com/pyperanger/dockerevil https://access.redhat.com/errata/RHSA-2017:0127 https://alas.aws.amazon.com/ALAS-2017-783.html

CVE-2016-9962

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect