This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group...

Docker Images Containing Cryptojacking Malware Distributed via Docker Hub

With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service DDoS attacks and mine cryptocurrencies...

Docker Images Containing Cryptojacking Malware Distributed via Docker Hub

With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service DDoS attacks and mine cryptocurrencies...

Exploit for Link Following in Docker Desktop

CVE-2020-10665 Docker Desktop Local Privilege Escalation POC...

Oracle Linux 7 : docker-cli / docker-engine (ELSA-2020-5739)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5739 advisory. - update to 19.03.11 for CVE-2020-13401 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes CVE-2019-5736 - update to 19.03.11 for CVE-2020-13401 - apply...

Information Disclosure

docker is vulnerable to information disclosure. A security regression of CVE-2016-9962 due to inclusion of vulnerable runc allows an attacker to obtain confidential information...

Remote Code Execution

docker is vulnerable to remote code execution. The vulnerability exists due to a security regression of CVE-2019-5736 due to inclusion of vulnerable runc...

Docker Code Issues Vulnerabilities

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

docker-cli docker-engine security update

docker-cli 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes...

RHEL 7 : docker (RHSA-2020:2653)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2653 advisory. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that...

docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the...

Important: Red Hat Security Advisory: docker security update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2016-9962, which was previously fixed via RHSA-2017:0116. This issue could allow a malicious or compromised container to compromise the...

docker: Ambient capability usage in containers

The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root...

CVE-2020-14298

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the...

CVE-2020-14300

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2016-9962, which was previously fixed via RHSA-2017:0116. This issue could allow a malicious or compromised container to compromise the...

Fedora: Security Advisory for moby-engine (FEDORA-2020-5ba8c2d9d5)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for moby-engine (FEDORA-2020-6d7deafd81)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:0846-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13 - CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW...

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...