Описание
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=1219061docker: insecure opening of file-descriptor 1 leading to privilege escalation
EPSS
Процентиль: 29%
0.00105
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
ubuntu
больше 10 лет назад
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
nvd
больше 10 лет назад
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
debian
больше 10 лет назад
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor ...
EPSS
Процентиль: 29%
0.00105
Низкий
4.3 Medium
CVSS2