Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

Ubuntu 21.10 USN-5134-1: Docker Information Disclosure Threat

ubuntu
Calendar Grey November 9, 2021
Dist Ubuntu Esm H88
A critical exposure flaw in Docker impacts several variants of Ubuntu. Ensure systems are updated to reduce potential threats.
Docker could be made to expose sensitive information over the network.

Summary

Docker could be made to expose sensitive information over the

network.

Software Description:

- docker.io: Linux container runtime

Details:

An information disclosure issue was discovered in the command line interface

of Docker. A misconfigured credential store could result in supplied

credentials being leaked to the public registry, when using the docker login

command with a private registry.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
docker.io 20.10.7-0ubuntu5.1

Ubuntu 21.04:
docker.io 20.10.7-0ubuntu5~21.04.2

Ubuntu 20.04 LTS:
docker.io 20.10.7-0ubuntu5~20.04.2

Ubuntu 18.04 LTS:
docker.io 20.10.7-0ubuntu5~18.04.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5134-1

CVE-2021-41092

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-5134-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.