Libcontainer and Docker Engine prior to 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
docker libcontainer |
||
docker docker |