Your submission was sent successfully! Close

CVE-2021-21285

Published: 02 February 2021

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
docker.io
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.10 (Impish Indri) Not vulnerable
(20.10.7-0ubuntu1)
Ubuntu 21.04 (Hirsute Hippo)
Released (20.10.7-0ubuntu1~21.04.1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (20.10.7-0ubuntu1~20.04.1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (20.10.7-0ubuntu1~18.04.1)
Ubuntu 16.04 ESM (Xenial Xerus) Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist