Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Docker vulnerabilities

Related Vulnerabilities: CVE-2018-15664   CVE-2019-5736  

Docker could be made to overwrite files as the administrator.

Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root.

Source

8 July 2019

Docker vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Summary

Docker could be made to overwrite files as the administrator.

Software Description

  • docker.io - Linux container runtime

Details

Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
docker.io - 18.09.7-0ubuntu1~19.04.4
Ubuntu 18.10
docker.io - 18.09.7-0ubuntu1~18.10.3
Ubuntu 18.04 LTS
docker.io - 18.09.7-0ubuntu1~18.04.3
Ubuntu 16.04 LTS
docker.io - 18.09.7-0ubuntu1~16.04.4

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started