CVE-2016-9962
Published
CVSS v3
N/A
CVSS v2
4.4
MEDIUM
Affected
2
PROJECTS
Description
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
GitHubCLI tool for spawning and running containers according to the OCI specification
GitHub