A recently discovered vulnerability in the Docker container platform could allow an attacker to gain access to files used by other containers and the host server itself. And, in an unusual progression of events, the vulnerability and exploits have been disclosed before patches are available.
The vulnerability, designated CVE-2018-15664, was discovered by researcher Aleka Sarai. A flaw in the Docker “cp” command, which provides a method for copying a file from the host system to a container, could give an attacker arbitrary read-write access to the host file system with root privileges.
A “race condition” — specifically a “time of check to time of use” (TOCTOU) bug — lies at the heart of the vulnerability. In this case, the problem is that a file path that has been checked for safe and authorized copying conditions can be changed between the time of verification and the time of copying, changed to any file, anywhere on the host server.
Read more: Dark Reading