High severityNVD Advisory· Published May 18, 2015· Updated May 6, 2026
CVE-2015-3630
CVE-2015-3630
Description
Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/docker/dockerGo | >= 1.6.0, < 1.6.1 | 1.6.1 |
Affected products
1Patches
1545b440a80f6Mount /proc/fs as readonly
1 file changed · +1 −0
daemon/execdriver/native/template/default_template.go+1 −0 modified@@ -86,6 +86,7 @@ func New() *configs.Config { ReadonlyPaths: []string{ "/proc/asound", "/proc/bus", + "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger",
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
14- github.com/advisories/GHSA-8fvr-5rqf-3wwhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-3630ghsaADVISORY
- github.com/moby/moby/commit/545b440a80f676a506e5837678dd4c4f65e78660ghsaWEB
- groups.google.com/forum/ghsaWEB
- groups.google.com/forum/nvdWEB
- lists.opensuse.org/opensuse-updates/2015-05/msg00023.htmlghsaWEB
- packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.htmlghsaWEB
- seclists.org/fulldisclosure/2015/May/28ghsaWEB
- web.nvd.nist.gov/view/vuln/detailghsaWEB
- www.securityfocus.com/bid/74566ghsaWEB
- lists.opensuse.org/opensuse-updates/2015-05/msg00023.htmlnvd
- packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.htmlnvd
- seclists.org/fulldisclosure/2015/May/28nvd
- www.securityfocus.com/bid/74566nvd
News mentions
0No linked articles in our index yet.