CVE-2018-15664
Published: May 23, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1096726 | x_refsource_MISC |
| https://github.com/moby/moby/pull/39252 | x_refsource_MISC |
| [oss-security] 20190528 CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack | mailing-list, x_refsource_MLIST |
| 108507 | vdb-entry, x_refsource_BID |
| openSUSE-SU-2019:1621 | vendor-advisory, x_refsource_SUSE |
| USN-4048-1 | vendor-advisory, x_refsource_UBUNTU |
| RHSA-2019:1910 | vendor-advisory, x_refsource_REDHAT |
| [oss-security] 20190821 RE: CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack | mailing-list, x_refsource_MLIST |
| openSUSE-SU-2019:2044 | vendor-advisory, x_refsource_SUSE |