Docker: Old privilege escalation vulnerability has resurfaced



Docker warns of a security vulnerability that affects several variants of the Docker Engine. It allows attackers to bypass the authorization plug-in and thus achieve privilege escalation.


All versions from Docker 19.03.15 to version 27.1.0 are affected. Patches are available for releases since Docker v23.0.14 that close the security gap.

Docker’s authorization plug-in mechanism exists to allow granular rights assignment: Docker itself has no built-in restrictions, and any user with access to the Docker daemon can execute any Docker command.

This is where plug-ins come into play: Docker’s authentication (AuthN) and authorization (AuthZ) subsystems pass data about the user and the command to be executed to the configured AuthZ plug-ins, which then decide whether the command may run.

In 2019, Docker version 18.0.9 closed a vulnerability that enabled privilege escalation through a plug-in because the content of requests was not checked. With the move to the next major version, however, the security hole reappeared in the Docker Engine: the regression has been present since version 19.03 of the engine.
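As an added illustration of the decision step described above (this is example code, not Docker’s or any real plug-in’s), the following Python function plays the role of an AuthZ plug-in that inspects a container-create request and fails closed: a state-changing call whose body it cannot see or parse is denied rather than approved blindly. The field names (`RequestMethod`, `RequestUri`, `RequestBody`, `Allow`, `Msg`) and the `make_req` helper are assumptions for this example.

```python
import base64
import json
from typing import Optional

# Field names follow Docker's AuthZ plug-in request/response shape as assumed
# here; verify against the plug-in documentation before wiring this into a
# real plug-in.

def decide(req: dict) -> dict:
    """Return an AuthZ-style decision for one AuthZ-style request."""
    method = req.get("RequestMethod", "")
    uri = req.get("RequestUri", "")
    if method == "POST" and "/containers/create" in uri:
        body_b64 = req.get("RequestBody")
        # Fail closed: if the container spec the daemon will act on is not
        # in front of us, refuse rather than approve blind.
        if not body_b64:
            return {"Allow": False, "Msg": "container spec missing from request"}
        try:
            spec = json.loads(base64.b64decode(body_b64))
        except (ValueError, TypeError):
            return {"Allow": False, "Msg": "container spec unparseable"}
        host = spec.get("HostConfig") or {}
        if host.get("Privileged"):
            return {"Allow": False, "Msg": "privileged containers not permitted"}
        for bind in host.get("Binds") or []:
            if bind.startswith("/var/run/docker.sock:"):
                return {"Allow": False, "Msg": "mounting the Docker socket not permitted"}
    return {"Allow": True, "Msg": ""}

def make_req(method: str, uri: str, spec: Optional[dict] = None,
             user: str = "alice") -> dict:
    """Build a constructed AuthZ-style request dict for local testing."""
    req = {"User": user, "RequestMethod": method, "RequestUri": uri}
    if spec is not None:
        req["RequestBody"] = base64.b64encode(json.dumps(spec).encode()).decode()
    return req

if __name__ == "__main__":
    # Constructed sample requests: a read-only call, a plain create, a
    # privileged create, and a create whose body never reached the plug-in.
    cases = [
        make_req("GET", "/v1.45/containers/json"),
        make_req("POST", "/v1.45/containers/create", {"Image": "alpine"}),
        make_req("POST", "/v1.45/containers/create",
                 {"Image": "alpine", "HostConfig": {"Privileged": True}}),
        make_req("POST", "/v1.45/containers/create"),
    ]
    for c in cases:
        print(c["RequestMethod"], c["RequestUri"], decide(c))
```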

After detecting a recurrence of the vulnerability in April 2024, Docker released patches for releases starting 23.0.14 on July 23.

The regression has a CVE entry (Common Vulnerabilities and Exposures) in the MITRE database, CVE-2024-41110, which is currently marked only as reserved.

Anyone using one of the affected versions should patch now or avoid the AuthZ plug-in. Anyone who does not use AuthZ plug-ins is not affected.

Docker Desktop also contains the vulnerability, but according to Docker the risk is comparatively low: an attacker needs access to the workstation running the software, and the privilege escalation is limited to the Docker Desktop VM. Additionally, Docker Desktop does not include AuthZ plug-ins by default; they must be installed manually.

The upcoming Docker Desktop 4.33 release will include a patched version of the Docker Engine without the vulnerability. More details can be found in the Docker blog.


(RME)
