Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 41: Serious Docker-Buildx Cross-Origin Protection Bypass Issue

fedora
Calendar Grey October 12, 2025
Dist Fedora Esm H88
Fedora 41 Docker Buildx update addresses important CrossOriginProtection bypass vulnerabilities.
Update to release v0.29.1 Upstream fixes Update to release v0.29.0 Resolves: rhbz#2397747, rhbz#2398425, rhbz#2398679, rhbz#2399082, rhbz#2399355

Summary

Docker CLI plugin for extended build capabilities with BuildKit.

Update Information:

Update to release v0.29.1 Upstream fixes Update to release v0.29.0 Resolves: rhbz#2397747, rhbz#2398425, rhbz#2398679, rhbz#2399082, rhbz#2399355 Upstream new features and fixes

Topics%20covered

Topics Covered

security advisory fedora important bypass cross-origin docker-buildx

Change Log

* Fri Oct 3 2025 Bradley G Smith - 0.29.1-1 - Update to release v0.29.1 - Upstream fixes * Tue Sep 30 2025 Bradley G Smith - 0.29.0-1 - Update to release v0.29.0 - Resolves: rhbz#2397747, rhbz#2398425, rhbz#2398679, rhbz#2399082, rhbz#2399355 - Upstream new features and fixes

References


[ 1 ] Bug #2397747 - docker-buildx-0.29.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2397747 [ 2 ] Bug #2398425 - CVE-2025-47910 docker-buildx: CrossOriginProtection bypass in net/http [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2398425 [ 3 ] Bug #2398679 - CVE-2025-47910 docker-buildx: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398679 [ 4 ] Bug #2399082 - CVE-2025-47906 docker-buildx: Unexpected paths returned from LookPath in os/exec [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2399082 [ 5 ] Bug #2399355 - CVE-2025-47906 docker-buildx: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399355

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-455aa01b65' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: docker-buildx
Product: Fedora 41
Version: 0.29.1
Release: 1.fc41
URL: https://github.com/docker/buildx
Summary: Docker CLI plugin for extended build capabilities with BuildKit

Topics%20covered

Topics Covered

security advisory fedora important bypass cross-origin docker-buildx

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here