Published: 04/11/2017 Updated: 27/11/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby up to and including 17.03.2-ce does not block /proc/scsi pathnames, which allows malicious users to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mobyproject moby

Debian Bug report logs - #900140 dockerio: CVE-2017-16539: The DefaultLinuxSpec function does not block /proc/scsi pathnames Package: src:dockerio; Maintainer for src:dockerio is Dmitry Smirnov <onlyjob@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 26 May 2018 18:33:01 UTC Severity: ...

The DefaultLinuxSpec function in oci/defaultsgo in Docker Moby through 17032-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP ...

CWE-200 https://twitter.com/ewindisch/status/926443521820774401 https://github.com/moby/moby/pull/35399/commits/a21ecdf3c8a343a7c94e4c4d01b178c87ca7aaa1 https://github.com/moby/moby/pull/35399 https://marc.info/?l=linux-scsi&m=150985455801444&w=2 https://marc.info/?l=linux-scsi&m=150985062200941&w=2 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900140 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-16539

CVE-2017-16539

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect