cbcvebase.
CVE-2015-3627
published 2015-05-18

Priority: P429 high
CVSS 2.0: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
EPSS: 0.61% (44.6th percentile)

Libcontainer and Docker Engine before 1.6.1 open the file descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

Affected

8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | docker.io | < docker.io 1.6.1+dfsg1-1 (bookworm) | docker.io 1.6.1+dfsg1-1 (bookworm) |
| docker | docker | <= 1.6 | |
| docker | libcontainer | <= 1.6.0 | |
| github.com | docker_docker | >= 0 < 1.6.1 | 1.6.1 |
| msrc | cbl_mariner_1.0_arm | | |
| msrc | cbl_mariner_1.0_x64 | | |
| xmlsoft | libxml2 | >= 0 < 2.9.1+dfsg1-3ubuntu4.8 | 2.9.1+dfsg1-3ubuntu4.8 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1ubuntu0.1 | 2.9.3+dfsg1-1ubuntu0.1 |

CVSS provenance

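| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| osv | | 7.5 | HIGH | |
| vendor_debian | | 7.2 | HIGH | |
| vendor_msrc | | 7.2 | HIGH | |
| vendor_redhat | | 7.2 | HIGH | |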