From 6837cfc13cba842186a7261aa9bbd3a8755fd11e Mon Sep 17 00:00:00 2001 From: Jess Frazelle Date: Mon, 25 Jul 2016 10:45:45 -0700 Subject: [PATCH] update non-events Signed-off-by: Jess Frazelle --- docs/security/non-events.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/security/non-events.md b/docs/security/non-events.md index 97da919309..e068944120 100644 --- a/docs/security/non-events.md +++ b/docs/security/non-events.md @@ -73,6 +73,14 @@ seccomp profile. A bug in eBPF -- the special in-kernel DSL used to express things like seccomp filters -- allowed arbitrary reads of kernel memory. The `bpf()` system call is blocked inside Docker containers using (ironically) seccomp. +* [CVE-2016-3134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3134), +[4997](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997), +[4998](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998): +A bug in setsockopt with `IPT_SO_SET_REPLACE`, `ARPT_SO_SET_REPLACE`, and +`ARPT_SO_SET_REPLACE` causing memory corruption / local privilege escalation. +These arguments are blocked by `CAP_NET_ADMIN`, which Docker does not allow by +default. + Bugs *not* mitigated:
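Review bot: In the added CVE-2016-3134/4997/4998 entry, the list of setsockopt options names `ARPT_SO_SET_REPLACE` twice ("`IPT_SO_SET_REPLACE`, `ARPT_SO_SET_REPLACE`, and `ARPT_SO_SET_REPLACE`"), so the third item is a duplicate. Drop it or replace it with the option that was meant (if that is the IPv6 table option, it would be `IP6T_SO_SET_REPLACE`). The closing sentence also reads as though the capability itself does the blocking: "These arguments are blocked by `CAP_NET_ADMIN`" would be clearer as "These options require `CAP_NET_ADMIN`, which Docker does not grant by default."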