CVE-2016-3697

Name: CVE-2016-3697
Creator: NVD / NIST
Published: 2016-06-01T20:59:06.137+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.39%

Last modified Jun 17, 2026

CVE-2016-3697 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.. EPSS estimates a 0.39% chance of exploitation in the next 30 days.

Description

libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.39%

30.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
Docker	Docker	<= 1.11.1
Linuxfoundation	Runc	<= 0.0.9
Opensuse	Opensuse	13.2

References

http://lists.opensuse.org/opensuse-updates/2016-05/msg00111.htmlMailing List, Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1034.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2634.htmlThird Party Advisory
https://github.com/docker/docker/issues/21436Patch, Third Party Advisory
https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091Third Party Advisory
https://github.com/opencontainers/runc/pull/708Third Party Advisory
https://github.com/opencontainers/runc/releases/tag/v0.1.0Patch, Third Party Advisory
https://security.gentoo.org/glsa/201612-28Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00111.htmlMailing List, Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1034.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2634.htmlThird Party Advisory
https://github.com/docker/docker/issues/21436Patch, Third Party Advisory
https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091Third Party Advisory
https://github.com/opencontainers/runc/pull/708Third Party Advisory
https://github.com/opencontainers/runc/releases/tag/v0.1.0Patch, Third Party Advisory
https://security.gentoo.org/glsa/201612-28Third Party Advisory

Timeline

Published: Jun 1, 2016
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-3697?

How severe is CVE-2016-3697?

CVE-2016-3697 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.39% probability of exploitation in the next 30 days.

How do I fix CVE-2016-3697?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-3697?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST