Cory Snider discovered that Docker incorrectly handled networking packet encapsulation. An attacker could use this issue to inject internet packets in established connection, possibly causing a denial of service or bypassing firewall protections. This issue only affected Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. (CVE-2023-28840, CVE-2023-28841, CVE-2023-28842)
Rory McNamara discovered that Docker incorrectly handled cache in the BuildKit toolkit. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-23651)
It was discovered that Docker incorrectly handled parallel operations in some circumstances, which could possibly lead to undefined behavior. (CVE-2024-36621, CVE-2024-36623)
Rory McNamara discovered that Docker incorrectly verified file paths during a certain command in the BuildKit toolkit. An attacker could possibly use this issue to delete arbitrary files from the system. (CVE-2024-23652)
{ "binaries": [ { "binary_name": "docker-doc", "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3" }, { "binary_name": "docker.io", "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3" }, { "binary_name": "golang-docker-dev", "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3" }, { "binary_name": "golang-github-docker-docker-dev", "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3" }, { "binary_name": "vim-syntax-docker", "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "golang-docker-dev", "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2" }, { "binary_name": "golang-github-docker-docker-dev", "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2" }, { "binary_name": "vim-syntax-docker", "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "golang-docker-dev", "binary_version": "20.10.21-0ubuntu1~22.04.7+esm2" }, { "binary_name": "golang-github-docker-docker-dev", "binary_version": "20.10.21-0ubuntu1~22.04.7+esm2" }, { "binary_name": "vim-syntax-docker", "binary_version": "20.10.21-0ubuntu1~22.04.7+esm2" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }