CVE-2016-9962 Information

Description

RunC allowed additional container processes via ‘runc exec’ to be ptraced by the pid 1 of the container. This allows the main processes of the container if running as root to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

http://rhn.redhat.com/errata/RHSA-2017-0116.html http://rhn.redhat.com/errata/RHSA-2017-0123.html http://rhn.redhat.com/errata/RHSA-2017-0127.html http://seclists.org/fulldisclosure/2017/Jan/21 http://seclists.org/fulldisclosure/2017/Jan/29 http://www.securityfocus.com/archive/1/540001/100/0/threaded http://www.securityfocus.com/bid/95361 https://access.redhat.com/security/vulnerabilities/cve-2016-9962 https://bugzilla.suse.com/show_bug.cgi?id=1012568c6 https://github.com/docker/docker/releases/tag/v1.12.6 https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK/ https://security.gentoo.org/glsa/201701-34

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.4