Jasiel Spelman discovered that docker-credential-helpers has a double free. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "0.5.0-2ubuntu0.1+esm1", "binary_name": "golang-docker-credential-helpers" }, { "binary_version": "0.5.0-2ubuntu0.1+esm1", "binary_name": "golang-docker-credential-helpers-dbgsym" }, { "binary_version": "0.5.0-2ubuntu0.1+esm1", "binary_name": "golang-github-docker-docker-credential-helpers-dev" } ] }