Update Docker: Fun bug involving file paths and shared libraries turns out to be a security hole
https://www.theregister.co.uk/2019/11/21/docker_cp_flaw/
Miscreants can potentially hijack Docker users' computers by tricking them into running malicious containers and waiting for them to kick off a simple copy command – thanks to a critical flaw.
Bug hunters at Palo Alto Networks' Unit 42 say the vulnerability, designated CVE-2019-14271, is the most severe found in Docker since the disclosure of the runc hole in February.
Update Docker: Fun bug involving file paths and shared libraries turns out to be a security hole
Nov 21, 2019, 10:31am UTC
https://www.theregister.co.uk/2019/11/21/docker_cp_flaw/
> Miscreants can potentially hijack Docker users' computers by tricking them into running malicious containers and waiting for them to kick off a simple copy command – thanks to a critical flaw.
> Bug hunters at Palo Alto Networks' Unit 42 say the vulnerability, designated CVE-2019-14271, is the most severe found in Docker since the disclosure of the runc hole in February.