Trending CVEs for the Week of June 3rd, 2019
- Jun 06, 2019
- Michael Tucker
The BlueKeep vulnerability is still trending on social media and we extensively covered CVE-2019-0708 in May 27th and May 20th blog posts. This week, we will talk about CVE-2018-15664 which is runner-up in the list. Docker is vulnerable to a symlink-race attack.
The API endpoints behind the ‘docker cp’ command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
Affected Packages are:
And, following products are still under investigation:
An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.
Stopping a container prior to running “docker cp” removes the TOCTOU vulnerability.