RSS   Vulnerabilities for 'Libcontainer'   RSS

2015-05-18
 
CVE-2015-3629

CWE-59
 

 
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

 
 
CVE-2015-3627

CWE-59
 

 
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

 

 >>> Vendor: Docker 5 Products
Docker
Docker-py
Libcontainer
Docker registry
Credential helpers


Copyright 2019, cxsecurity.com

 

Back to Top