Explore top 10 tips to secure your open-source projects now. Read More
×
Docker could be made to overwrite files as the administrator.
Software Description:
- docker.io: Linux container runtime
Details:
Aleksa Sarai discovered that Docker was vulnerable to a directory traversal
attack. An attacker could use this vulnerability to read and write arbitrary
files on the host filesystem as root.
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: docker.io 18.09.7-0ubuntu1~19.04.4 Ubuntu 18.10: docker.io 18.09.7-0ubuntu1~18.10.3 Ubuntu 18.04 LTS: docker.io 18.09.7-0ubuntu1~18.04.3 Ubuntu 16.04 LTS: docker.io 18.09.7-0ubuntu1~16.04.4 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4048-1
CVE-2018-15664, CVE-2019-5736
Get the latest Linux and open source security news straight to your inbox.