ALAS2NITRO-ENCLAVES-2021-001 --- dockerID: oval:org.secpod.oval:def:1700779 | Date: (C)2021-12-14 (M)2023-11-24 |
Class: PATCH | Family: unix |
A flaw was found in the `userns-remap` feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/lt;remappinggt;, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity. A flaw was found in Docker. Pulling an intentionally malformed Docker image manifest could lead to a crash of the `dockerd` daemon, resulting in a denial of service. The highest threat from this vulnerability is to system availability