Docker Vulnerability Opens Servers to Container Code

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots

31st May, 2019 1 Min read

A recently discovered vulnerability in the Docker container platform could allow an attacker to gain access to files used by other containers and the host server itself. And, in an unusual progression of events, the vulnerability and exploits have been disclosed before patches are available.

The vulnerability, designated CVE-2018-15664, was discovered by researcher Aleka Sarai. A flaw in the Docker “cp” command, which provides a method for copying a file from the host system to a container, could give an attacker arbitrary read-write access to the host file system with root privileges.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

A “race condition” — specifically a “time of check to time of use” (TOCTOU) bug — lies at the heart of the vulnerability. In this case, the problem is that a file path that has been checked for safe and authorized copying conditions can be changed between the time of verification and the time of copying, changed to any file, anywhere on the host server.

Latest Articles

Web Security

Three Ways CISOs Can Combat Emerging Threats in 2025

73% of CISOs fear a material cyberattack in the next 12 months, with over three-quarters convinced AI is advancing too quickly for existing methods to combat it. But what can CISOs do to prepare for the coming wave – and access the resources they need to deal with this evolving threat landscape? To find out, […]

11th November, 2024

Cloud Cost Optimization

How Optimizing Kafka Can Save Costs of the Whole System

Kafka is no longer exclusively the domain of high-velocity Big Data use cases. Today, it is utilized on by workloads and companies of all sizes, supporting asynchronous communication between even small groups of microservices. But this expanded usage has led to problems with cost creep that threaten many companies’ bottom lines. And due to the […]

29th September, 2024

Cloud Migration Service

Migrating Volumez RedHat VMs into Amazon Linux 2 for higher effective discounts rate of Saving Plan

A cloud data infrastructure company relied on extensive use of multiple instance types to test its products. But this made it difficult to optimize costs – a fact which had begun to impact their ability to scale the business. The GlobalDots team helped the company identify and implement a new infrastructure configuration that both saved […]

19th September, 2024

Compliance Automation

How Yuki Achieved SOC 2 Compliance 6x Faster

Overview A fast-growing Snowflake optimization platform was missing out on customers because they didn’t have the right data security compliance. Through multiple consultations and extensive vendor-testing, the GlobalDots team selected a solution to provide both tech and human support, helping the company achieve SOC 2 compliance within just 3 months – and win new customers […]

16th September, 2024

Back to Resources

Unlock Your Cloud Potential