update security non-events
(cherry picked from commit 14664beda923dc9249cbd4ac4f024319668e57c0)
| ... | ... |
@@ -73,6 +73,14 @@ seccomp profile. |
| 73 | 73 |
A bug in eBPF -- the special in-kernel DSL used to express things like seccomp |
| 74 | 74 |
filters -- allowed arbitrary reads of kernel memory. The `bpf()` system call |
| 75 | 75 |
is blocked inside Docker containers using (ironically) seccomp. |
| 76 |
+* [CVE-2016-3134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3134), |
|
| 77 |
+[4997](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997), |
|
| 78 |
+[4998](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998): |
|
| 79 |
+A bug in setsockopt with `IPT_SO_SET_REPLACE`, `ARPT_SO_SET_REPLACE`, and |
|
| 80 |
+`ARPT_SO_SET_REPLACE` causing memory corruption / local privilege escalation. |
|
| 81 |
+These arguments are blocked by `CAP_NET_ADMIN`, which Docker does not allow by |
|
| 82 |
+default. |
|
| 83 |
+ |
|
| 76 | 84 |
|
| 77 | 85 |
Bugs *not* mitigated: |
| 78 | 86 |
|
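Review bot: `ARPT_SO_SET_REPLACE` is listed twice in the added setsockopt sentence, once at the end of the line that starts "A bug in setsockopt" and again at the start of the next line. Either replace the second occurrence with the third option that was intended, or drop it and fix the "and" so the list has two items. The sentence "These arguments are blocked by `CAP_NET_ADMIN`" also reads backwards, since a capability grants access rather than blocking it. Something like "These arguments require `CAP_NET_ADMIN`, which Docker does not allow by default" states the mitigation more directly. As a smaller style point, the link texts `4997` and `4998` are abbreviated; writing the full CVE identifiers would make the entry searchable.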