| Summary: | <app-emulation/docker-1.6.1: multiple vulnerabilities (CVE-2015-{3627,3629,3630,3631}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | trivial | CC: | admwiggin, alunduil, proxy-maint, williamh, xarthisius |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://www.openwall.com/lists/oss-security/2015/05/07/10 | | |
| Whiteboard: | ~3 [noglsa] | | |
| Package list: | | Runtime testing required: | --- |

Description
Agostino Sarubbo
2015-05-08 07:04:44 UTC
I added 1.6.1 to docker-overlay yesterday (https://github.com/tianon/docker-overlay/blob/master/app-emulation/docker/docker-1.6.1.ebuild), it just needs to be proxied in and old versions removed. :)

08 May 2015; Kacper Kowalik <xarthisius@gentoo.org> -docker-1.5.0.ebuild:
drop old wrt #548884

08 May 2015; Kacper Kowalik <xarthisius@gentoo.org> +docker-1.6.1.ebuild, -docker-1.6.0.ebuild:
Version bump, drop old wrt #548884

CVE-2015-3631 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3631):
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.

CVE-2015-3630 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3630):
Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

CVE-2015-3629 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3629):
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

CVE-2015-3627 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3627):
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

@maintainer(s), please clean up the vulnerable versions in the tree. Thank you.

No vulnerable versions in tree.