KLA10820
Privilege escalation vulnerability in Docker
Обновлено: 17/06/2019
Дата обнаружения
01/06/2016
Уровень угрозы
Warning
Описание

An improper treating of a numeric UID was found in Docker. By exploiting this vulnerability malicious users can escalate privileges. This vulnerability can be exploited locally via a numeric username in the password file.


Technical details

This vulnerability is related to libcontainer/user/user.go in runC.

Пораженные продукты

Docker versions earlier than 1.11.2

Решение

Update to the latest version
Get Docker

Оказываемое влияние
?
PE 
[?]
CVE-IDS
CVE-2016-36972.1Warning