Endpoint Vulnerability

Docker Security Advisory: CVE-2015-3627

Description

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

Affected Products

Docker

References

CVE-2015-3627,