SoylentNews is people
SoylentNews
All versions of Docker are currently vulnerable to a race condition that could give an attacker both read and write access to any file on the host system. Proof-of-concept code has been released.
The flaw is similar to CVE-2018-15664 and it offers a window of opportunity for hackers to modify resource paths after resolution but before the assigned program starts operating on the resource. This is known as a time-to-check-time-to-use (TOCTOU) type of bug.
This discussion has been archived.
No new comments can be posted.
Unpatched Flaw Affects All Docker Versions, Exploits Ready
|
Log In/Create an Account
| Top
| 15 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Remember the good old days, when CPU was singular?
(Score: 2, Informative) by Anonymous Coward on Thursday May 30 2019, @07:13AM
This is not an accident. It's the diabolical work of the deep state trying to keep you ignorant and complacent.
By denying knowledge of Docker, the evil gub'mint is making you a slave. Bow to your masters!
But you can fight back! Don't let those authoritarian scum keep you from your birthright!
Find out the real story [wikipedia.org], not the lies you're being spoon-fed.
But don't stop there! Make sure you uncover the depths of lies and deception [wikipedia.org] designed to keep you in chains!
tl;dr: RTFM, lazy bastard.