Docker has issued an alert for a critical vulnerability affecting certain versions of Docker Engine that could, under specific conditions, allow an attacker to bypass authorization (AuthZ) plugins and gain unauthorized access.
This bypass and privilege escalation vulnerability is rated at the maximum CVSS score of 10.0, underscoring its severity.
“Exploitation of a bypass vulnerability by crafting an API request with a content-size parameter set to zero enables malicious actors to deceive the Docker daemon into forwarding requests to the AuthZ plugin without the request body, thereby allowing unauthorized access.”
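The quote above describes the failure mode from the plugin's side: a request arrives without its body, and a policy that evaluates an empty body can end up approving it. As an added example (not Docker's code and not from the article), the routine below shows a fail-closed decision a Python-based AuthZ plugin could apply to the `AuthZReq` payload. It assumes the documented request fields (`RequestMethod`, `RequestURI`, `RequestHeaders`, `RequestBody`, with the body base64-encoded as the daemon's JSON encoder produces it); the endpoint list, the `Privileged` policy and the sample requests are constructed for illustration.

```python
import base64
import json

# Constructed for this example: POST endpoints whose request body carries the
# settings a policy must inspect. Extend to match your own policy.
BODY_REQUIRED = ("/containers/create", "/services/create")


def _normalize_path(uri: str) -> str:
    """Drop the query string and an API version prefix such as /v1.45/."""
    path = uri.split("?", 1)[0]
    parts = path.split("/")
    if len(parts) > 1 and parts[1].startswith("v1."):
        path = "/" + "/".join(parts[2:])
    return path


def _header(headers: dict, name: str):
    """Case-insensitive header lookup (the daemon forwards headers as a map)."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def _body_bytes(raw) -> bytes:
    """RequestBody arrives base64-encoded in the JSON payload; accept bytes too."""
    if raw is None:
        return b""
    if isinstance(raw, bytes):
        return raw
    return base64.b64decode(raw)


def decide(req: dict) -> dict:
    """Return an AuthZ response ({"Allow": bool, "Msg": str}) for one request."""
    method = req.get("RequestMethod", "").upper()
    path = _normalize_path(req.get("RequestURI", ""))
    headers = req.get("RequestHeaders") or {}
    body = _body_bytes(req.get("RequestBody"))

    needs_body = method == "POST" and (
        path in BODY_REQUIRED
        or (path.startswith("/containers/") and path.endswith("/exec"))
    )
    if not needs_body:
        return {"Allow": True, "Msg": "no body-based policy for this endpoint"}

    # Fail closed: a body-carrying endpoint reached us without a body, so the
    # policy cannot be evaluated. Approving here is exactly the mistake the
    # Content-Length 0 bypass relies on.
    if len(body) == 0:
        return {"Allow": False, "Msg": "empty body on an endpoint that requires one"}

    # Defence in depth: the declared length must match what was forwarded.
    declared = _header(headers, "Content-Length")
    if declared is not None and declared.isdigit() and int(declared) != len(body):
        return {"Allow": False, "Msg": "Content-Length does not match forwarded body"}

    try:
        spec = json.loads(body)
    except ValueError:
        return {"Allow": False, "Msg": "request body is not valid JSON"}
    if not isinstance(spec, dict):
        return {"Allow": False, "Msg": "request body is not a JSON object"}

    # Illustrative policy: refuse privileged containers.
    if (spec.get("HostConfig") or {}).get("Privileged"):
        return {"Allow": False, "Msg": "privileged containers are not permitted"}
    return {"Allow": True, "Msg": ""}


def sample_request(method: str, uri: str, body: bytes, content_length=None) -> dict:
    """Build a constructed AuthZReq payload shaped the way the daemon encodes it."""
    headers = {}
    if content_length is not None:
        headers["Content-Length"] = str(content_length)
    return {
        "User": "",
        "UserAuthNMethod": "",
        "RequestMethod": method,
        "RequestURI": uri,
        "RequestHeaders": headers,
        "RequestBody": base64.b64encode(body).decode("ascii"),
    }


if __name__ == "__main__":
    # Constructed request with the bypass shape: POST, Content-Length 0, no body.
    print(decide(sample_request("POST", "/v1.45/containers/create", b"", content_length=0)))
```

The important design choice is the order of checks: the absence of a body is treated as a reason to deny before any policy logic runs, so a plugin never reaches an "allow" branch on the strength of a request it could not actually inspect.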
Although Docker acknowledged that the issue was originally discovered in 2018 and resolved it in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to subsequent versions (19.03 and later), suggesting a regression in its quality control processes.
As of July 23, 2024, the issue has been addressed in releases 23.0.14 and 27.1.0, which followed the identification of the problem in April 2024. Assuming authorization (AuthZ) plugins are used to make access control decisions, the following versions of Docker Engine are affected:
- <= v19.03.15
- <= v20.10.27
- <= v23.0.14
- <= v24.0.9
- <= v25.0.5
- <= v26.0.2
- <= v26.1.4
- <= v27.0.3, and
- <= v27.1.0
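Since exposure depends on both the engine version and whether an AuthZ plugin is actually configured, a quick triage script helps when checking a fleet. The following is an added example (not Docker's tooling and not from the article): it reads the `authorization-plugins` key from `daemon.json`, parses the string that `docker version --format '{{.Server.Version}}'` prints, and classifies the host against the version ranges listed above. The ranges are copied from the list in this article and should be reconciled against Docker's own advisory; the plugin name in the sample configuration is constructed.

```python
import json
import re

# Inclusive upper bounds of the affected ranges, as listed in the article,
# keyed by (major, minor). Per the article, releases before 18.09.1 are also
# affected, and 18.09.1 carried the original fix.
AFFECTED_MAX = {
    (19, 3): 15, (20, 10): 27, (23, 0): 14, (24, 0): 9,
    (25, 0): 5, (26, 0): 2, (26, 1): 4, (27, 0): 3, (27, 1): 0,
}
FIRST_FIXED_2019 = (18, 9, 1)

# Accepts "24.0.9", "v20.10.27", "20.10.27+dfsg1", "24.0.9-ce" and similar.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Return (major, minor, patch) from a Docker Engine version string."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def authz_plugins(daemon_json_text: str) -> list:
    """Return the AuthZ plugins configured in daemon.json (empty if none)."""
    cfg = json.loads(daemon_json_text) if daemon_json_text.strip() else {}
    plugins = cfg.get("authorization-plugins") or []
    return [p for p in plugins if isinstance(p, str)]


def assess(version_text: str, plugins: list) -> str:
    """Classify a host as not-exposed, affected, newer-than-listed or not-listed."""
    if not plugins:
        # The bypass is only reachable through an AuthZ plugin.
        return "not-exposed"
    major, minor, patch = parse_version(version_text)
    if (major, minor, patch) < FIRST_FIXED_2019:
        return "affected"
    series = (major, minor)
    if series in AFFECTED_MAX:
        if patch <= AFFECTED_MAX[series]:
            return "affected"
        # A patch release above the listed bound: verify against the advisory
        # rather than assuming it is fixed, since not every series was patched.
        return "newer-than-listed"
    return "not-listed"


if __name__ == "__main__":
    # Constructed sample inputs standing in for the real files and command output.
    sample_daemon_json = '{"authorization-plugins": ["example-authz-plugin"]}'
    sample_version = "24.0.9"
    plugins = authz_plugins(sample_daemon_json)
    print(f"{sample_version}: {assess(sample_version, plugins)} (plugins={plugins})")
```

In practice, feed `assess` the output of `docker version --format '{{.Server.Version}}'` and the contents of `/etc/docker/daemon.json`; a result of `newer-than-listed` is a prompt to check the advisory, not a clean bill of health.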
“Clients using Docker Engine v19.03.x or later, who do not rely on authorization plugins for making entry point decisions, as well as users of all versions of Mirantis Container Runtime, are generally not affected,” said Docker’s Gabriela Georgieva.
“Customers using Docker’s commercial products and internal infrastructure who do not rely on AuthZ plugins remain unaffected.”
A related vulnerability in Docker Desktop affects versions up to 4.32.0, although the company notes that the likelihood of attack is limited, as it requires local access to the host as well as access to the Docker API. A fix is scheduled for inclusion in the upcoming 4.33 release.
Georgieva also pointed out that default Docker Desktop configurations do not include AuthZ plugins, and that privilege escalation is limited to the Docker Desktop virtual machine and does not extend to the underlying host.
While there have been no reports of CVE-2024-41110 being exploited in the wild, users should still update their Docker installations to the latest version to proactively address the risk.
In December, Docker addressed a critical vulnerability, known as, which could have enabled attackers to gain unauthorized access to the host file system and potentially escape the container.
“As cloud providers’ reputation continues to soar, container adoption has become an integral component of cloud infrastructure,” Palo Alto Networks’ Unit 42 reported last week. “While containers offer numerous advantages, they are also susceptible to sophisticated attacks such as container escape tactics.”
“While sharing a common kernel and often lacking complete isolation from the host’s user-space, containers are susceptible to various techniques used by attackers seeking to escape the confines of a containerized environment.”