Candidate: CVE-2015-3627
PublicDate: 2015-05-18 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3627
 http://www.openwall.com/lists/oss-security/2015/05/07/10
Description:
 Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor
 passed to the pid-1 process before performing the chroot, which allows
 local users to gain privileges via a symlink attack in an image.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Tõnis Tiigi
Assigned-to:
CVSS:

Patches_docker.io:
upstream_docker.io: released (1.6.1)
precise_docker.io: DNE
precise/esm_docker.io: DNE
trusty_docker.io: released (1.6.2~dfsg1-1ubuntu4~14.04.1)
trusty/esm_docker.io: DNE (trusty was released [1.6.2~dfsg1-1ubuntu4~14.04.1])
utopic_docker.io: ignored (reached end-of-life)
vivid_docker.io: ignored (reached end-of-life)
vivid/stable-phone-overlay_docker.io: DNE
vivid/ubuntu-core_docker.io: DNE
wily_docker.io: ignored (reached end-of-life)
xenial_docker.io: not-affected (1.6.2~dfsg1-1ubuntu4)
yakkety_docker.io: ignored (reached end-of-life)
zesty_docker.io: not-affected (1.10.3-0ubuntu6)
devel_docker.io: not-affected (1.13.1-0ubuntu4)