All versions of Docker are currently vulnerable to a race condition that could give an attacker both read and write access to any file on the host system. Proof-of-concept code has been released.
The flaw is similar to CVE-2018-15664 and it offers a window of opportunity for hackers to modify resource paths after resolution but before the assigned program starts operating on the resource. This is known as a time-to-check-time-to-use (TOCTOU) type of bug.
(Score: 0) by Anonymous Coward on Thursday May 30 2019, @01:19AM
Docker is the the facto standard in container. And containers are like chroot but more dynamic on the network side.