CVE-2018-15664
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-15664
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-15664.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-15664
- Related
- Published
- 2019-05-23T14:29:07Z
- Modified
- 2025-02-14T10:39:19.955528Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
- References
-
- http://www.securityfocus.com/bid/108507
- https://access.redhat.com/errata/RHSA-2019:1910
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664
- http://www.openwall.com/lists/oss-security/2019/05/28/1
- https://bugzilla.suse.com/show_bug.cgi?id=1096726
- https://github.com/moby/moby/pull/39252
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00066.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html
- http://www.openwall.com/lists/oss-security/2019/08/21/1
- https://usn.ubuntu.com/4048-1/
- https://access.redhat.com/security/cve/cve-2018-15664
- https://security-tracker.debian.org/tracker/CVE-2018-15664
Affected packages
Debian:11 / docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/debian/docker.io?arch=source
Debian:12 / docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/debian/docker.io?arch=source
Debian:13 / docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/debian/docker.io?arch=source
Git / github.com/docker/docker
Affected ranges
- Type
- GIT
- Repo
- https://github.com/docker/docker
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Type
- GIT
- Repo
- https://github.com/docker/docker-ce
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
Affected versions
0.*
0.0.3
Other
autorun/1
docs-v1.*
docs-v1.12.0-rc4-2016-07-15
upstream/0.*
upstream/0.1.1
upstream/0.1.2
upstream/0.1.3
upstream/0.1.4
v0.*
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.10.0
v0.11.0
v0.11.1
v0.12.0
v0.2.0
v0.2.1
v0.2.2
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.7
v0.4.8
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.6.7
v0.7.0
v0.7.0-rc5
v0.7.0-rc6
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.8.0
v0.8.1
v0.9.0
v1.*
v1.0.0
v1.0.1
v1.1.0
v1.1.1
v1.1.2
v1.2.0
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.4.0
v1.4.1
v17.*
v17.06.0-ce
v17.06.0-ce-rc1
v17.06.0-ce-rc2
v17.06.0-ce-rc3
v17.06.0-ce-rc4
v17.06.0-ce-rc5
v17.07.0-ce-rc1
v17.07.0-ce-rc2
v17.09.0-ce
v17.09.0-ce-rc1
v17.09.0-ce-rc2
v17.09.0-ce-rc3
v17.09.1-ce
v17.09.1-ce-rc1
v17.10.0-ce-rc1
v17.10.0-ce-rc2
v17.11.0-ce
v17.11.0-ce-rc1
v17.11.0-ce-rc2
v17.11.0-ce-rc3
v17.11.0-ce-rc4
v17.12.0-ce-rc1
v17.12.0-ce-rc2
v17.12.0-ce-rc3
v17.12.0-ce-rc4
v18.*
v18.01.0-ce
v18.01.0-ce-rc1
v18.02.0-ce-rc1
v18.03.0-ce
v18.03.0-ce-rc1
v18.03.0-ce-rc2
v18.03.0-ce-rc3
v18.03.0-ce-rc4
v18.04.0-ce-rc1
v18.05.0-ce-rc1
v18.06.0-ce
v18.06.0-ce-rc1
v18.06.0-ce-rc2
v18.06.0-ce-rc3
v18.06.1-ce-rc1