Bug 1714722 (CVE-2018-15664) - CVE-2018-15664 docker: symlink-exchange race attacks in docker cp
Summary: CVE-2018-15664 docker: symlink-exchange race attacks in docker cp
Alias: CVE-2018-15664
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1714723 1714724 1717087 1717219 1717220
Blocks: 1714728
TreeView+ depends on / blocked
Reported: 2019-05-28 17:25 UTC by Laura Pardo
Modified: 2021-02-16 21:53 UTC (History)
52 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was discovered in the API endpoint behind the 'docker cp' command. The endpoint is vulnerable to a Time Of Check to Time Of Use (TOCTOU) vulnerability in the way it handles symbolic links inside a container. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.
Clone Of:
Last Closed: 2019-07-29 19:18:43 UTC

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 4193161 0 None None None 2019-06-03 15:13:55 UTC
Red Hat Product Errata RHSA-2019:1910 0 None None None 2019-07-29 16:17:48 UTC

Internal Links: 1738599

Description Laura Pardo 2019-05-28 17:25:53 UTC
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).


Upstream Patch:

Comment 1 Laura Pardo 2019-05-28 17:26:26 UTC
Created docker tracking bugs for this issue:

Affects: fedora-all [bug 1714724]

Comment 7 Dave Baker 2019-05-29 23:36:28 UTC
Updating CVSS to more accurately reflect a better understanding of the attack complexity.  Dropping severity to moderate accordingly.

Comment 11 Zhigang Wang 2019-05-30 17:32:46 UTC
Is an Openshift Cluster with the anyuid SCC enabled is susceptible to CVE-2018-15664?

Comment 13 Sam Fowler 2019-05-31 00:01:25 UTC
A similar flaw was also found in podman. It has been assigned CVE-2019-10152:


Comment 15 Riccardo Schirone 2019-05-31 09:25:29 UTC
Upstream PR https://github.com/moby/moby/pull/39252 has been closed in favour of https://github.com/moby/moby/pull/39292

Comment 16 Riccardo Schirone 2019-05-31 12:13:16 UTC
Attack Complexity(AC) set to High(H) because the attacker cannot exploit the flaw at will, but it may require the victim user to run `docker cp` several times before the race condition is won.

Comment 22 Riccardo Schirone 2019-06-04 09:41:27 UTC
Setting Privileges Required(PR) to Low(L) because an attacker needs to be able to run commands on a container and thus have some privileges there to perform the attack. Moreover, User Interaction(I) set to Required(R) because the attacker needs to wait for the user to perform a `docker cp` (probably even more than one time) to perform his attack.

Comment 24 Dave Baker 2019-06-04 12:48:13 UTC
External References:


Comment 25 Dave Baker 2019-06-04 13:21:34 UTC
My testing with the POC shared on the oss-security posting also reveals a ~1% success rate on hitting the race condition on run_read.sh

Comment 26 Riccardo Schirone 2019-06-04 16:39:19 UTC
Upstream PR https://github.com/moby/moby/pull/39292 was merged into master branch and it seems to be the right fix for this CVE.

Comment 28 Dave Baker 2019-06-04 23:01:27 UTC

Stopping a container prior to running "docker cp" removes the TOCTOU vulnerability.

Comment 30 Riccardo Schirone 2019-06-05 07:34:21 UTC
Function GetResourcePath() uses FollowSymlinkInScope(), which is used to evaluate a path within a given scope and it returns a path guaranteed to be contained in the scope at the time of the call. However, if components of the path change after the call to these functions, the guarantee does not hold anymore. Functions that use functions like ResolvePath(), GetResourcePath(), FollowSymlinkInScope() and others similar to those, may be vulnerable to a Time of Check to Time Of Use(TOCTOU) vulnerability, where the resolved path may be correctly scoped inside the container at the time of the check, but it escapes into the host filesystem at the time of use.

In particular, containerArchivePath() and containerExtractToDir() are used when copying files respectively from and to a container and they are vulnerable to this flaw. An attacker who has compromised a running container could run a program to try to exploit this flaw while another privileged user is running `docker cp` to copy files from/to the container.

Comment 37 errata-xmlrpc 2019-07-29 16:17:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extras

Via RHSA-2019:1910 https://access.redhat.com/errata/RHSA-2019:1910

Comment 38 Product Security DevOps Team 2019-07-29 19:18:43 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):


Comment 39 Joshua Padman 2019-09-03 05:05:49 UTC

All versions of docker prior to the fix are vulnerable to this flaw.

For clarity, in the "Affected Packages State" table, we only include OpenShift Container Platform (OCP) versions 3.7 and below because for these versions docker was shipped as part of the release.  For all subsequent versions of OCP until 3.11, docker is installed from the RHEL Extras repository meaning clusters will be vulnerable to the flaw unless an updated docker package has been applied.

Red Hat Fuse provides only the Docker client library and is not affected by this vulnerability.

Note You need to log in before you can comment on or make changes to this bug.