{"id":"MGASA-2017-0189","summary":"Updated docker packages fix security vulnerability","details":"The runc component used by `docker exec` feature of docker allowed\nadditional container processes to be ptraced by the pid 1 of the\ncontainer. This allows the main processes of the container, if running\nas root, to gain low-level access to these new processes during\ninitialization. An attacker can, depending on the nature of the\nincoming process, leverage this to elevate access to the host. This\nranges from accessing host content through the file descriptors of the\nincoming process to, potentially, a complete container escape by\nleveraging memory access or syscall interception (CVE-2016-9962).\n","modified":"2026-02-01T19:42:09.377566Z","published":"2017-06-28T10:01:20Z","related":["CVE-2016-9962"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0189.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=20100"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ/"}],"affected":[{"package":{"name":"docker","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/docker?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.9.1-1.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0189.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}