Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in Docker incorrectly allowed the docker cp command to make permissions changes in the host filesystem in some situations. A local attacker could possibly use to this to expose sensitive information or gain administrative privileges.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "18.09.7-0ubuntu1~16.04.9+esm1", "binary_name": "docker-doc" }, { "binary_version": "18.09.7-0ubuntu1~16.04.9+esm1", "binary_name": "docker.io" }, { "binary_version": "18.09.7-0ubuntu1~16.04.9+esm1", "binary_name": "golang-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~16.04.9+esm1", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~16.04.9+esm1", "binary_name": "vim-syntax-docker" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "20.10.7-0ubuntu1~18.04.2", "binary_name": "docker-doc" }, { "binary_version": "20.10.7-0ubuntu1~18.04.2", "binary_name": "docker.io" }, { "binary_version": "20.10.7-0ubuntu1~18.04.2", "binary_name": "golang-docker-dev" }, { "binary_version": "20.10.7-0ubuntu1~18.04.2", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "20.10.7-0ubuntu1~18.04.2", "binary_name": "vim-syntax-docker" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "20.10.7-0ubuntu1~20.04.2", "binary_name": "docker-doc" }, { "binary_version": "20.10.7-0ubuntu1~20.04.2", "binary_name": "docker.io" }, { "binary_version": "20.10.7-0ubuntu1~20.04.2", "binary_name": "golang-docker-dev" }, { "binary_version": "20.10.7-0ubuntu1~20.04.2", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "20.10.7-0ubuntu1~20.04.2", "binary_name": "vim-syntax-docker" } ] }