USN-5103-1: docker.io vulnerability
4 October 2021
Docker could be made to adjust the permissions of files.
- docker.io - Linux container runtime
Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in
Docker incorrectly allowed the docker cp command to make permissions
changes in the host filesystem in some situations. A local attacker
could possibly use to this to expose sensitive information or gain
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.