cve/CVE-2015-3627.md at 2915d1566e6489282142ef6b227613f67b2de9c3

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-14 20:08:44 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

POC

Reference

http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/k4lii/report-cve
https://github.com/xxg1413/docker-security

814 B Raw Blame History

CVE-2015-3627

Description

POC

Reference

Github

814 B

Raw Blame History