A pair of SUSE security researchers have unearthed a vulnerability within all versions of the Docker container engine that provides an attacker a way to get to the host or other containers managed by the host. A patch has been submitted upstream for the vulnerability (CVE-2018-15664), and is currently under review, according to security researcher Aleksa Sarai.
“It’s a pretty serious vulnerability because it can totally violate the data integrity or confidentiality in place, because the attacker can both read and modify files,” within the container or host system, said Kelly Shortridge, vice president of product strategy at production Linux security provider Capsule8, an author of a blog post describing the vulnerability in greater detail. Docker provided some details to minimize the attack surface until a workout is issued in next month’s release.
Docker’s widely-used FollowSymlinkInScope function is the source of the vulnerability, as it suffers from a TOCTOU (time of check to time of use) race condition. As Sarai wrote:
The purpose of FollowSymlinkInScope is to take a given path and safely resolve it as though the process was inside the container. After the full path has been resolved, the resolved path is passed around a bit and then operated on a bit later. … If an attacker can add a [symbolic ink] component to the path after the resolution but before it is operated on, then you could end up resolving the symlink path
component on the host as root.
Perhaps most notably, the “docker cp” copying command uses FollowSymlinkInScope, and can be misused to get read and write access to any path. on the host. The function, however, is used in other places within the docker codebase. As an example, SUSE has crafted two exploit scripts that take advantage of this hole.
The good news is that “docker cp” doesn’t appear to be used in a lot of automated operations, Shortridge said. She recommended companies block the use of the “docker cp” command until Docker issues a patch, particularly those organizations with a high priority for data integrity.
Responding to an e-mail inquiry, a Docker spokesperson added some more context about the scope of this vulnerability.
An attack scenario “would only be possible if the container was already compromised and a user was using “docker cp” to replicate the container files and occurred at the same time the copy was being made, a window that is only a few milliseconds,” the company noted.
As a short-term measure, users can address the issue by manually running “docker pause” before using “docker cp” to copy files, and “docker unpause” after the copy has been made, according to the company. Next month’s release will remediate the issue by inserting a “docker pause” automatically to a “docker cp” command, which freezes the container when a copy is being made and prevents the container from modifying the data.
To prevent similar issues in the future, Sarai has developed a number of Linux kernel patches that would safely resolve paths within a rootfs, as well as a “secure join” library to detect attacks on older kernels.
Last month, Docker’s container repository, Docker Hub, was breached by attackers.
Capsule8 is a sponsor of The New Stack.
The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker.