Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization (mount namespace breakout) and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libcontainer | Docker | 1.6.0 | 1.6.0 |