vulnerability

Amazon Linux AMI: CVE-2016-9962: Security patch for docker (ALAS-2017-783)

Severity
6
CVSS
(AV:L/AC:M/Au:M/C:C/I:C/A:C)
Published
Jan 10, 2017
Added
Jan 11, 2017
Modified
Jan 28, 2025

Description

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.

Solution

amazon-linux-upgrade-docker
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.