Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Fedora 25: Security Update on Docker 1.12.6 for Privilege Escalation

fedora
Calendar Grey January 15, 2017
Dist Fedora Esm H88
Fedora 25 has been updated to remediate CVE-2016-9962, resolving issues with insecure file-descriptor handling that could allow for unauthorized privilege escalation.
Fix CVE-2016-9962 - Insecure opening of file-descriptor allows privilege escalation ---- built docker @projectatomic/docker-1.12 commit 6009905 ---- built docker @projectatomic/doc...

Summary

Docker is an open-source engine that automates the deployment of any

application as a lightweight, portable, self-sufficient container that will

run virtually anywhere.

Docker containers can encapsulate any payload, and will run consistently on

and between virtually any server. The same container that a developer builds

and tests on a laptop will run at scale, in production*, on VMs, bare-metal

servers, OpenStack clusters, public instances, or combinations of the above.

Update Information:

Fix CVE-2016-9962 - Insecure opening of file-descriptor allows privilege escalation ---- built docker @projectatomic/docker-1.12 commit 6009905 ---- built docker @projectatomic/docker-1.12 commit 97974ae ---- built docker @projectatomic/docker-1.12 commit 7b5044b

Topics%20covered

Topics Covered

security advisory software update Fedora privilege escalation docker

Change Log

References


[ 1 ] Bug #1412189 - CVE-2016-9962 docker: Insecure opening of file-descriptor allows privilege escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1412189

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade docker-latest' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: docker-latest
Product: Fedora 25
Version: 1.12.6
Release: 2.git51ef5a8.fc25
URL: https://github.com/projectatomic/docker
Summary: Automates deployment of containerized applications

Topics%20covered

Topics Covered

security advisory software update Fedora privilege escalation docker

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here