CVE-2024-29018

🗓️ 21 Mar 2024 06:07:44Reported by redhat.comType

Moby container framework allows creation of custom networks with unique IP address ranges and gateways. Security vulnerability allows compromised containers to exfiltrate data via DNS queries. Docker Desktop is not affected

Reporter	Title	Published	Views	Family All 178
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in docker affect Cloud Pak System[CVE-2024-24557, CVE-2024-29018]	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: Astronomer with IBM is vulnerable to several vulnerabilities (CVE-2023-26125, CVE-2023-28155, CVE-2024-29018)	11 Aug 202513:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below.	26 Jun 202414:33	–	ibm
Tenable Nessus	Amazon Linux 2023 : docker (ALAS2023-2024-674)	1 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASDOCKER-2024-040)	1 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASECS-2024-042)	5 Sep 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-041)	31 Jul 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: moby-engine (CVE-2024-29018)	10 Apr 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1879)	15 Jul 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1903)	15 Jul 202400:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-29018
github	www.github.com/moby/moby/pull/46609
github	www.github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx
bugzilla	www.bugzilla.redhat.com/show_bug.cgi