Bug 945060 - (CVE-2015-3631) VUL-0: CVE-2015-3631: docker: volume mounts allow LSM profile escalation
(CVE-2015-3631)
VUL-0: CVE-2015-3631: docker: volume mounts allow LSM profile escalation
Status: RESOLVED DUPLICATE of bug 930235
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P5 - None : Normal
: ---
Assigned To: Flavio Castelli
Security Team bot
https://smash.suse.de/issue/116536/
CVSSv2:NVD:CVE-2015-3631:3.6:(AV:L/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-09 15:29 UTC by Marcus Meissner
Modified: 2019-05-01 16:52 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2015-09-09 15:29:40 UTC
rh#1219065

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security
Modules (LSM) and docker_t policies via an image that allows volumes to override
files in /proc.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1219065
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3631
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3631.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3631
http://www.cvedetails.com/cve/CVE-2015-3631/
Comment 1 Marcus Meissner 2015-09-09 15:31:09 UTC
dup of 930235

*** This bug has been marked as a duplicate of bug 930235 ***