CVE-2015-3629 — Link Following in Docker Docker

CWE-59 — Link Following CWE-22 — Path Traversal11 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.2%

top 60.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Docker Docker Docker Libcontainer Opensuse

Timeline

PublishedMay 18

Latest updateAug 21

Description

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDdocker/libcontainer1.6.0

▶Gogithub.com/docker_docker1.6.0 — 1.6.1

▶NVDopensuse/opensuse13.2

🔴Vulnerability Details

OSV

Arbitrary File Write in Libcontainer in github.com/docker/docker↗2024-08-21

▶

GHSA

Arbitrary File Write in Libcontainer↗2022-02-15

▶

OSV

Arbitrary File Write in Libcontainer↗2022-02-15

▶

CVEList

CVE-2015-3629: Libcontainer 1↗2015-05-18

▶

OSV

CVE-2015-3629: Libcontainer 1↗2015-05-18

▶

📋Vendor Advisories

Red Hat

docker: symlink traversal on container respawn allows local privilege escalation↗2015-05-07

▶

Debian

CVE-2015-3629: docker.io - Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape conta...↗2015

▶

💬Community

Bugzilla

CVE-2015-3629 docker-io: docker: symlink traversal on container respawn allows local privilege escalation [fedora-all]↗2015-05-08

▶

Bugzilla

CVE-2015-3629 docker-io: docker: symlink traversal on container respawn allows local privilege escalation [epel-6]↗2015-05-08

▶

Bugzilla

CVE-2015-3629 docker: symlink traversal on container respawn allows local privilege escalation↗2015-05-06

▶