https://bugzilla.redhat.com/show_bug.cgi?id=1167505 Bug ID: 1167505 Summary: CVE-2014-6407 docker: symbolic and hardlink issues leading to privilege escalation Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: mmcallis(a)redhat.com CC: admiller(a)redhat.com, dwalsh(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)fedoraproject.org, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com The following flaw has been fixed in Docker 1.3.2: "" The Docker engine, up to and including version 1.3.1, was vulnerable to extracting files to arbitrary paths on the host during ‘docker pull’ and ‘docker load’ operations. This was caused by symlink and hardlink traversals present in Docker's image extraction. This vulnerability could be leveraged to perform remote code execution and privilege escalation. Docker 1.3.2 remedies this vulnerability. Additional checks have been added to pkg/archive and image extraction is now performed in a chroot. No remediation is available for older versions of Docker and users are advised to upgrade. "" Acknowledgements: Red Hat would like to thank the Docker project for reporting these issues. Upstream acknowledges Florian Weimer of Red Hat Product Security and independent researcher Tõnis Tiigi as the original reporters. Reference: http://seclists.org/oss-sec/2014/q4/781 -- You are receiving this mail because: You are on the CC list for the bug.