MGASA-2020-0279 - Updated docker packages fix security vulnerability Publication date: 05 Jul 2020 URL: https://advisories.mageia.org/MGASA-2020-0279.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-13401 Updated docker packages fix security vulnerability: A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default. This flaw allows an attacker who can execute code in a container to possibly spoof rogue IPv6 router advertisements to perform a man-in-the-middle (MitM) attack against the host network or another container (CVE-2020-13401). References: - https://bugs.mageia.org/show_bug.cgi?id=26815 - https://bugzilla.redhat.com/show_bug.cgi?id=1833233 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13401 SRPMS: - 7/core/docker-18.09.9-1.1.mga7
Mageia 2020-0279: docker security update
Updated docker packages fix security vulnerability: A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default
Summary
Updated docker packages fix security vulnerability:
A flaw was found in Docker when it creates network bridges that accept
IPv6 router advertisements by default. This flaw allows an attacker who
can execute code in a container to possibly spoof rogue IPv6 router
advertisements to perform a man-in-the-middle (MitM) attack against the
host network or another container (CVE-2020-13401).
References
- https://bugs.mageia.org/show_bug.cgi?id=26815
- https://bugzilla.redhat.com/show_bug.cgi?id=1833233
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13401
Resolution
MGASA-2020-0279 - Updated docker packages fix security vulnerability
SRPMS
- 7/core/docker-18.09.9-1.1.mga7
Severity
Publication date: 05 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0279.html
Type: security
CVE: CVE-2020-13401
News
HOWTOs
Features
About Us
Powered By
