CVE-2016-9962

Priority
Medium
Description
Race condition in Docker Engine before 1.12.6 might allow local root users
in a container to gain privileges by using ptrace to access
file-descriptors of a process launched or moved into the container from
another namespace, aka an "on-entry vulnerability."
References
Package
Source: runc (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 16.10 (Yakkety Yak):needed
Ubuntu 17.04 (Zesty Zapus):needed
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 16.10 (Yakkety Yak):needed
Ubuntu 17.04 (Zesty Zapus):needed
More Information

Updated: 2017-02-02 03:14:28 UTC (commit 12040)