moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3", "binary_name": "docker-doc" }, { "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3", "binary_name": "docker.io" }, { "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3", "binary_name": "golang-docker-dev" }, { "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3", "binary_name": "vim-syntax-docker" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2", "binary_name": "golang-docker-dev" }, { "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2", "binary_name": "vim-syntax-docker" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "20.10.21-0ubuntu1~22.04.7+esm2", "binary_name": "golang-docker-dev" }, { "binary_version": "20.10.21-0ubuntu1~22.04.7+esm2", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "20.10.21-0ubuntu1~22.04.7+esm2", "binary_name": "vim-syntax-docker" } ] }