DirectorySecurity Advisories
Sign In
Security Advisories

CGA-hm4m-crc5-fc47

Published

Last updated

https://images.chainguard.dev/security/CGA-hm4m-crc5-fc47
Package

runc

Latest Update
Not affected
Aliases
  • CVE-2016-9962
  • GHSA-gp4j-w3vj-7299

Severity

6.4

Medium

CVSS V3

Summary

Information Exposure in RunC

Description

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation