A vulnerability in Docker could lead to the escalation of privileges.
Package | app-emulation/docker on all architectures |
---|---|
Affected versions | < 1.11.0 |
Unaffected versions | >= 1.11.0 |
Docker is the world’s leading software containerization platform.
Docker does not properly distinguish between numeric UIDs and string usernames.
Local attackers could possibly escalate their privileges.
There is no known workaround at this time.
All Docker users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/docker-1.11.0"
Release date
December 11, 2016
Latest revision
December 11, 2016: 1
Severity
normal
Exploitable
remote
Bugzilla entries