USN-4103-2

See a problem?
Source
https://ubuntu.com/security/notices/USN-4103-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4103-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4103-2
Related
Published
2019-08-19T17:09:45.091146Z
Modified
2019-08-19T17:09:45.091146Z
Summary
Docker vulnerability
Details

Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.

Original advisory details:

Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.

References

Affected packages

Ubuntu:16.04:LTS / docker.io

Package

Name
docker.io

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
18.09.7-0ubuntu1~16.04.5

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "golang-docker-dev": "18.09.7-0ubuntu1~16.04.5",
            "docker.io": "18.09.7-0ubuntu1~16.04.5",
            "golang-github-docker-docker-dev": "18.09.7-0ubuntu1~16.04.5",
            "vim-syntax-docker": "18.09.7-0ubuntu1~16.04.5",
            "docker-doc": "18.09.7-0ubuntu1~16.04.5"
        }
    ]
}

Ubuntu:18.04:LTS / docker.io

Package

Name
docker.io

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
18.09.7-0ubuntu1~18.04.4

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "golang-docker-dev": "18.09.7-0ubuntu1~18.04.4",
            "docker.io": "18.09.7-0ubuntu1~18.04.4",
            "golang-github-docker-docker-dev": "18.09.7-0ubuntu1~18.04.4",
            "vim-syntax-docker": "18.09.7-0ubuntu1~18.04.4",
            "docker-doc": "18.09.7-0ubuntu1~18.04.4"
        }
    ]
}