CVE-2019-16884 vulnerability in Docker and Other Products
Published on September 25, 2019

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-16884

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-16884 are published in these products:

Docker

Linux Foundation Runc

Fedora Project Fedora

OpenSuse Leap

Red Hat Openshift Container Platform

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Eus

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Tus

Canonical Ubuntu Linux

Exploit Probability

EPSS

0.57%

Percentile

68.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-16884 vulnerability in Docker and Other ProductsPublished on September 25, 2019

Products Associated with CVE-2019-16884

Exploit Probability

CVE-2019-16884 vulnerability in Docker and Other Products
Published on September 25, 2019