Bugzilla – Bug 907012
VUL-0: CVE-2014-6407: docker: symbolic and hardlink issues leading to privilege escalation
Last modified: 2018-12-14 15:10:00 UTC
The Docker engine, up to and including version 1.3.1, was vulnerable to extracting files to arbitrary paths on the host during ‘docker pull’ and ‘docker load’ operations. This was caused by symlink and hardlink traversals present in Docker's image extraction. This vulnerability could be leveraged to perform remote code execution and privilege escalation. Docker 1.3.2 remedies this vulnerability. Additional checks have been added to pkg/archive and image extraction is now performed in a chroot. No remediation is available for older versions of Docker and users are advised to upgrade. Affects SLE 12 and openSUSE 13.2. Requires using an untrusted external repo, which is a bad idea anyway. References: https://bugzilla.redhat.com/show_bug.cgi?id=1167505 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6407 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6407 http://seclists.org/oss-sec/2014/q4/781
bugbot adjusting priority
Maintenance request submitted.
accepted and merged
openSUSE-SU-2014:1596-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 907012,907014 CVE References: CVE-2014-6407,CVE-2014-6408 Sources used: openSUSE 13.2 (src): docker-1.3.2-9.1
SUSE-SU-2014:1648-1: An update that fixes 5 vulnerabilities is now available. Category: security (moderate) Bug References: 898901,902289,902413,907012,907014 CVE References: CVE-2014-5277,CVE-2014-5282,CVE-2014-6407,CVE-2014-6408,CVE-2014-7189 Sources used: SUSE Linux Enterprise Server 12 (src): docker-1.3.2-9.1, sle2docker-0.2.3-5.1
done