Ubuntu Security Notice 5103-1 - Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in Docker incorrectly allowed the docker cp command to make permissions changes in the host filesystem in some situations. A local attacker could possibly use to this to expose sensitive information or gain administrative privileges.
7a01af2ea9484fff7532ca3bfbbb438b4fa068ac9fd281d8a066ddbdb38c8749