Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.
Original advisory details:
Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.
{ "binaries": [ { "binary_name": "docker.io", "binary_version": "18.09.7-0ubuntu1~16.04.5" }, { "binary_name": "golang-docker-dev", "binary_version": "18.09.7-0ubuntu1~16.04.5" }, { "binary_name": "golang-github-docker-docker-dev", "binary_version": "18.09.7-0ubuntu1~16.04.5" }, { "binary_name": "vim-syntax-docker", "binary_version": "18.09.7-0ubuntu1~16.04.5" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "docker.io", "binary_version": "18.09.7-0ubuntu1~18.04.4" }, { "binary_name": "golang-docker-dev", "binary_version": "18.09.7-0ubuntu1~18.04.4" }, { "binary_name": "golang-github-docker-docker-dev", "binary_version": "18.09.7-0ubuntu1~18.04.4" }, { "binary_name": "vim-syntax-docker", "binary_version": "18.09.7-0ubuntu1~18.04.4" } ], "availability": "No subscription required" }