Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Docker.
Software Description:
- docker.io-app: Linux container runtime
Details:
It was discovered that BuildKit, contained within Docker, incorrectly
handled file path validation when processing frontend API messages. An
attacker could possibly use this issue to write files outside of the
intended state directory. (CVE-2026-33747)
It was discovered that BuildKit, contained within Docker, incorrectly
validated the subdir component of Git URL fragments. An attacker could
possibly use this issue to access files outside of the checked-out
repository root. (CVE-2026-33748)
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
docker.io 29.1.3-0ubuntu4.1
Ubuntu 24.04 LTS
docker.io 29.1.3-0ubuntu3~24.04.2
Ubuntu 22.04 LTS
docker.io 29.1.3-0ubuntu3~22.04.2
Ubuntu 20.04 LTS
docker.io 26.1.3-0ubuntu1~20.04.1+esm2
Available with Ubuntu Pro
After a standard system update you need to restart Docker to make all
the necessary changes.https://ubuntu.com/security/notices/USN-8230-1
CVE-2026-33747, CVE-2026-33748
Get the latest Linux and open source security news straight to your inbox.