ALAS2NITRO-ENCLAVES-2021-003 --- dockerID: oval:org.secpod.oval:def:1700781 | Date: (C)2021-12-14 (M)2023-12-20 |
Class: PATCH | Family: unix |
Docker Engine before 18.09 allows attackers to cause a denial of service via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. A command injection flaw was discovered in Docker during the `docker build` command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the `git fetch`/`git checkout` commands that are executed by Docker and to execute code with the privileges of the user running Docker. A local attacker who can run `docker build` with a controlled build path, or a remote attacker who has control over the docker build path, could elevate their privileges or execute code. In Docker CE and EE before 18.09.8 , Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes secrets. It potentially applies to other API users of the stack API if they resend the secret