docker: symlink traversal on container respawn allows local privilege escalation

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

PT-2015-6249 · Docker +2 · Libcontainer +3

Name of the Vulnerable Software and Affected Versions: Docker Engine using Libcontainer version 1.6.0 Description: The issue allows local users to escape containerization and write to arbitrary files on the host system via a symlink attack in an image when respawning a container. This is due to a...