docker - Arch Linux
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-968 | 1:18.09.6-1 | 1:18.09.7-1 | High | Fixed | |
| AVG-892 | 1:18.09.1-2 | 1:18.09.2-1 | High | Not affected | |
| AVG-133 | 1:1.12.5-1 | 1:1.12.6-1 | High | Fixed | FS#52493 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-5736 | AVG-892 | High | Yes | Privilege escalation | A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... |
| CVE-2018-15664 | AVG-968 | High | No | Privilege escalation | A race condition with symbolic links has been found in Docker, allowing read-write access to the host and guest file-systems. |
| CVE-2016-9962 | AVG-133 | High | No | Privilege escalation | The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows... |
Advisories
| Date | Advisory | Group | Severity | Description |
|---|---|---|---|---|
| 13 Jan 2017 | ASA-201701-19 | AVG-133 | High | privilege escalation |