Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2015-3629

Published: 18/05/2015 Updated: 02/02/2024
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Libcontainer

Vulnerability Summary

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

Vulnerable Product Search on Vulmon Subscribe to Product

docker libcontainer 1.6.0

opensuse opensuse 13.2

Vendor Advisories

Debian CVElist Bug Report Logs: docker.io: CVE-2015-3627 CVE-2015-3629 CVE-2015-3630 CVE-2015-3631
Debian Bug report logs - #784726 dockerio: CVE-2015-3627 CVE-2015-3629 CVE-2015-3630 CVE-2015-3631 Package: src:dockerio; Maintainer for src:dockerio is Dmitry Smirnov <onlyjob@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 8 May 2015 04:57:01 UTC Severity: grave Tags: fixed-upstrea ...
Amazon Linux AMI: ALAS-2015-522
The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal This allows malicious container images to trigger a local privilege escalation (CVE-2015-3627) Libcontainer version 160 introduced changes which facilitated a mou ...
Red Hat: CVE-2015-3629
Libcontainer 160, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container ...

References

CWE-59http://seclists.org/fulldisclosure/2015/May/28http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.htmlhttp://www.securityfocus.com/bid/74558http://lists.opensuse.org/opensuse-updates/2015-05/msg00023.htmlhttps://groups.google.com/forum/#%21searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784726https://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2015-522.htmlhttps://access.redhat.com/security/cve/cve-2015-3629
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525CVE-2024-4652CVE-2024-1438CVE-2024-4671CVE-2024-34351arbitrary CVE-2024-4650SQL injectionoverflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook