Debian docker.io vulnerabilities
58 known vulnerabilities affecting debian/docker.io.
Total CVEs: 58
CISA KEV: 1 (actively exploited)
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 15, MEDIUM 24, LOW 15
Vulnerabilities
Page 3 of 3
CVE-2015-3629 | HIGH | CVSS 7.8 | fixed in docker.io 1.6.1+dfsg1-1 (bookworm) | 2015
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
Scope: local
bookworm: resolved (fixed in 1.6.1+dfsg1-1)
bullseye: resolved (fixed in 1.6.1+dfsg1-1)
forky: resolved (fixed in 1.6.1+dfsg1

CVE-2015-3630 | HIGH | CVSS 7.2 | fixed in docker.io 1.6.1+dfsg1-1 (bookworm) | 2015
Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.
Scope: local
bookworm: resolved (fixed in 1.6.1+dfsg1-1)
bullseye: resolved (fixed in 1.6.1+dfsg

CVE-2015-3627 | HIGH | CVSS 7.2 | fixed in docker.io 1.6.1+dfsg1-1 (bookworm) | 2015
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
Scope: local
bookworm: resolved (fixed in 1.6.1+dfsg1-1)
bullseye: resolved (fixed in 1.6.1+dfsg1-1)
forky: resolved (fixed in 1.6.1+dfsg1-1)
sid: resolved (fixed

CVE-2015-3631 | LOW | CVSS 3.6 | fixed in docker.io 1.6.1+dfsg1-1 (bookworm) | 2015
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.
Scope: local
bookworm: resolved (fixed in 1.6.1+dfsg1-1)
bullseye: resolved (fixed in 1.6.1+dfsg1-1)
forky: resolved (fixed in 1.6.1+dfsg1-1)
sid: resolved (fixed in 1.6.1+dfsg1-1)
trixie: resol

CVE-2015-1843 | LOW | CVSS 5.0 | 2015
CVE-2015-1843 [MEDIUM] CVE-2015-1843: docker.io - The Red Hat docker package before 1.5.0-28, when using the --add-registry option...
The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. NOTE: this v

CVE-2014-0048 | CRITICAL | CVSS 9.8 | fixed in docker.io 1.6.0+dfsg1-1 (bookworm) | 2014
An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.
Scope: local
bookworm: resolved (fixed in 1.6.0+dfsg1-1)
bullseye: resolved (fixed in 1.6.0+dfsg1-1)
forky: resolved (fixed in 1.6.0+dfsg1-1)
sid: resolved (fixed in 1.6.0+dfsg1-1)
trixie: resolved (fixed in 1.6.0+dfsg1

CVE-2014-9357 | CRITICAL | CVSS 10.0 | fixed in docker.io 1.3.3~dfsg1-1 (bookworm) | 2014
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
Scope: local
bookworm: resolved (fixed in 1.3.3~dfsg1-1)
bullseye: resolved (fixed in 1.3.3~dfsg1-1)
forky: resolved (fixed in 1.3.3~dfsg1-1)
sid: resolved

CVE-2014-0047 | HIGH | CVSS 7.8 | fixed in docker.io 1.6.0+dfsg1-1 (bookworm) | 2014
Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.
Scope: local
bookworm: resolved (fixed in 1.6.0+dfsg1-1)
bullseye: resolved (fixed in 1.6.0+dfsg1-1)
forky: resolved (fixed in 1.6.0+dfsg1-1)
sid: resolved (fixed in 1.6.0+dfsg1-1)
trixie: resolved (fixed in 1.6.0+dfsg1-1)

CVE-2014-8179 | HIGH | CVSS 7.5 | fixed in docker.io 1.8.3~ds1-1 (bookworm) | 2014
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation.
Scope: local
bookworm: resolved (fixed in 1.8.3~ds1-1)
bullseye: resolved (fixed in 1.8.3~ds1-1)

CVE-2014-6407 | HIGH | CVSS 7.5 | fixed in docker.io 1.3.2~dfsg1-1 (bookworm) | 2014
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
Scope: local
bookworm: resolved (fixed in 1.3.2~dfsg1-1)
bullseye: resolved (fixed in 1.3.2~dfsg1-1)
forky: resolved (fixed in 1.3.2~dfsg1-1)
sid: resolved (fixed in 1.3.

CVE-2014-9356 | HIGH | CVSS 8.6 | fixed in docker.io 1.3.3~dfsg1-1 (bookworm) | 2014
Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile.
Scope: local
bookworm: resolved (fixed in 1.3.3~dfsg1-1)
bullseye: resolved (fixed in 1.3.3~dfsg1-1)
forky: resolved (fixed in 1.3.3~dfsg1-1)

CVE-2014-5282 | HIGH | CVSS 8.1 | fixed in docker.io 1.3.0~dfsg1-1 (bookworm) | 2014
Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.
Scope: local
bookworm: resolved (fixed in 1.3.0~dfsg1-1)
bullseye: resolved (fixed in 1.3.0~dfsg1-1)
forky: resolved (fixed in 1.3.0~dfsg1-1)
sid: resolved (fixed in 1.3.0~dfsg1-1)
trixie: resol

CVE-2014-6408 | MEDIUM | CVSS 5.0 | fixed in docker.io 1.3.2~dfsg1-1 (bookworm) | 2014
Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
Scope: local
bookworm: resolved (fixed in 1.3.2~dfsg1-1)
bullseye: resolved (fixed in 1.3.2~dfsg1-1)
forky: resolved (fixed in 1.3.2~dfsg1-1)
sid: resolved (fixed in 1.3.2~d

CVE-2014-8178 | MEDIUM | CVSS 5.5 | fixed in docker.io 1.8.3~ds1-1 (bookworm) | 2014
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.
Scope: local
bookworm: resolved (fixed in 1.8.3~ds1-1)
bullseye: resolved (fixed in 1.8.3~ds1-1)
forky: resolved (fixed in 1.8.3~d

CVE-2014-5277 | MEDIUM | CVSS 5.0 | fixed in docker.io 1.3.1~dfsg1-1 (bookworm) | 2014
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic.
Scope: local
bookworm: resolved (fixed in 1.3.1~

CVE-2014-9358 | MEDIUM | CVSS 6.4 | fixed in docker.io 1.3.3~dfsg1-1 (bookworm) | 2014
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."
Scope: local
bookworm: resolved (fixed in 1.3.3~dfsg1-1)
bullseye: resolved (fixed in 1.3.3~dfsg1-1)
forky: resolved (fixed in 1.3.3~d

CVE-2014-5278 | MEDIUM | CVSS 5.3 | fixed in docker.io 1.2.0~dfsg1-1 (bookworm) | 2014
A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.
Scope: local
bookworm: resolved (fixed in 1.2.0~dfsg1-1)
bullseye: resolved (fixed in 1.2.0~dfsg1-1)
forky: resolved (fixed in 1.2.0~dfsg1-1)
sid: resolved (fixed in 1.2.0~dfsg1-1)
trixie: resolved (fixed in 1.2.0~dfsg1-1)

CVE-2014-3499 | LOW | CVSS 7.2 | 2014
CVE-2014-3499 [HIGH] CVE-2014-3499: docker.io - Docker 1.0.0 uses world-readable and world-writable permissions on the managemen...
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved