Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.
Original advisory details:
Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "18.09.7-0ubuntu1~16.04.5", "binary_name": "docker-doc" }, { "binary_version": "18.09.7-0ubuntu1~16.04.5", "binary_name": "docker.io" }, { "binary_version": "18.09.7-0ubuntu1~16.04.5", "binary_name": "golang-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~16.04.5", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~16.04.5", "binary_name": "vim-syntax-docker" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "18.09.7-0ubuntu1~18.04.4", "binary_name": "docker-doc" }, { "binary_version": "18.09.7-0ubuntu1~18.04.4", "binary_name": "docker.io" }, { "binary_version": "18.09.7-0ubuntu1~18.04.4", "binary_name": "golang-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~18.04.4", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~18.04.4", "binary_name": "vim-syntax-docker" } ] }