Search CVE reports
11 – 13 of 13 results
CVE-2019-5736
Medium priorityrunc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within...
2 affected packages
docker.io, runc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| docker.io | — | — | — | Fixed | Fixed |
| runc | — | — | — | Fixed | Fixed |
CVE-2016-9962
Medium prioritySome fixes available 11 of 13
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new...
2 affected packages
docker.io, runc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| docker.io | — | — | — | Fixed | Fixed |
| runc | — | — | — | Fixed | Not affected |
CVE-2016-3697
Medium prioritySome fixes available 1 of 4
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a...
2 affected packages
docker.io, runc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| docker.io | — | — | — | — | Not affected |
| runc | — | — | — | — | Not affected |