Re: [FD] [oss-security] Docker 1.12.6 - Security Advisory
On 01/11/2017 03:29 AM, Kurt Seifried wrote: > On Tue, Jan 10, 2017 at 6:58 PM, Nathan McCauley > [CVE-2016-9962] Insecure opening of file-descriptor allows privilege >> escalation >> >> [...] >> Credit for this discovery goes to Aleksa Sarai from SUSE and Tõnis Tiigi >> from Docker. > Can you post a link to a patch for this issue, or to a bug entry with > additional details, or the download site at a minimum? Thanks! https://bugzilla.suse.com/show_bug.cgi?id=1012568 https://github.com/docker/docker/compare/v1.12.5...v1.12.6 https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5 Andreas -- Andreas Stieger Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) signature.asc Description: OpenPGP digital signature ___ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Re: [FD] [oss-security] Docker 1.12.6 - Security Advisory
Can you post a link to a patch for this issue, or to a bug entry with additional details, or the download site at a minimum? Thanks! On Tue, Jan 10, 2017 at 6:58 PM, Nathan McCauley wrote: > Docker Engine version 1.12.6 has been released to address a vulnerability > and is immediately available for all supported platforms. Users are advised > to upgrade existing installations of the Docker Engine and use 1.12.6 for > new installations. > > Please send any questions to secur...@docker.com. > > > == > [CVE-2016-9962] Insecure opening of file-descriptor allows privilege > escalation > > == > > RunC allowed additional container processes via `runc exec` to be ptraced > by the pid 1 of the container. This allows the main processes of the > container, if running as root, to gain access to file-descriptors of these > new processes during the initialization and can lead to container escapes > or modification of runC state before the process is fully placed inside the > container > > > Credit for this discovery goes to Aleksa Sarai from SUSE and Tõnis Tiigi > from Docker. > -- -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 Red Hat Product Security contact: secal...@redhat.com ___ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/