cbcvebase.
CVE-2016-9962
published 2017-01-31

CVE-2016-9962: RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if…

PriorityP427medium6.4CVSS 3.0
AVLACHPRHUINSUCHIHAH
EPSS
0.38%
29.9th percentile
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

Affected

16 ranges
VendorProductVersion rangeFixed in
debiandocker.io< docker.io 1.13.1~ds1-2 (bookworm)docker.io 1.13.1~ds1-2 (bookworm)
debiandocker.io
debianrunc< docker.io 1.13.1~ds1-2 (bookworm)docker.io 1.13.1~ds1-2 (bookworm)
dockerdocker
dockerdocker
dockerdocker>= 1.11.0 < 1.12.61.12.6
github.comopencontainers_runc>= 0 < 1.2.81.2.8
github.comopencontainers_runc>= 0 < 1.0.0-rc31.0.0-rc3
github.comopencontainers_runc>= 1.3.0-rc.1 < 1.3.31.3.3
github.comopencontainers_runc>= 1.4.0-rc.1 < 1.4.0-rc.31.4.0-rc.3
github.comopencontainers_selinux>= 0 < 1.13.01.13.0
linuxfoundationrunc>= 0 < 0.1.1+dfsg1-20.1.1+dfsg1-2
linuxfoundationrunc>= 0 < 0.1.1+dfsg1-20.1.1+dfsg1-2
linuxfoundationrunc>= 0 < 0.1.1+dfsg1-20.1.1+dfsg1-2
linuxfoundationrunc>= 0 < 0.1.1+dfsg1-20.1.1+dfsg1-2
redhatenterprise_linux_server

CVSS provenance

nvdv3.06.4MEDIUMCVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.4MEDIUMAV:L/AC:M/Au:N/C:P/I:P/A:P
ghsa7.0HIGH
osv7.0HIGH
vendor_debian6.4MEDIUM
vendor_redhat6.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.