Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in Docker incorrectly allowed the docker cp command to make permissions changes in the host filesystem in some situations. A local attacker could possibly use to this to expose sensitive information or gain administrative privileges.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "docker-doc": "18.09.7-0ubuntu1~16.04.9+esm1", "docker.io": "18.09.7-0ubuntu1~16.04.9+esm1", "golang-github-docker-docker-dev": "18.09.7-0ubuntu1~16.04.9+esm1", "golang-docker-dev": "18.09.7-0ubuntu1~16.04.9+esm1", "vim-syntax-docker": "18.09.7-0ubuntu1~16.04.9+esm1" } ] }
{ "availability": "No subscription required", "binaries": [ { "docker-doc": "20.10.7-0ubuntu1~18.04.2", "docker.io": "20.10.7-0ubuntu1~18.04.2", "golang-github-docker-docker-dev": "20.10.7-0ubuntu1~18.04.2", "golang-docker-dev": "20.10.7-0ubuntu1~18.04.2", "vim-syntax-docker": "20.10.7-0ubuntu1~18.04.2" } ] }
{ "availability": "No subscription required", "binaries": [ { "docker-doc": "20.10.7-0ubuntu1~20.04.2", "docker.io": "20.10.7-0ubuntu1~20.04.2", "golang-github-docker-docker-dev": "20.10.7-0ubuntu1~20.04.2", "golang-docker-dev": "20.10.7-0ubuntu1~20.04.2", "vim-syntax-docker": "20.10.7-0ubuntu1~20.04.2" } ] }