Critical Docker Engine Flaw Enables Authorization Plugin Bypass

by Rohan Timalsina

August 7, 2024 - TuxCare expert team

A critical vulnerability was identified in certain versions of Docker Engine that allows attackers to bypass authorization plugins (AuthZ) under specific circumstances. Docker has recently released security updates to address this vulnerability.

This vulnerability, tracked as CVE-2024-41110, was first discovered and patched in Docker Engine v18.09.1, released in January 2019. The fix was not carried forward into later releases, so the vulnerability resurfaced in subsequent versions of Docker Engine. This regression went unnoticed until April 2024, when it was rediscovered, prompting Docker to release patches for all supported versions of Docker Engine.

Vulnerability Details

CVE-2024-41110 is classified as a critical-severity issue with a CVSS score of 10.0. The flaw lies in the way Docker Engine handles API requests. Specifically, an attacker can send a specially crafted API request with a Content-Length of 0, causing the Docker daemon to forward the request to the AuthZ plugin without a body.

Under normal circumstances, an API request includes a body containing the data for the request, and the authorization plugin uses that body to make its access control decision. When the Content-Length is set to 0, the plugin never sees the body it would have validated and may approve an action it would otherwise have denied, including privilege escalation.
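The defender-side lesson is that an AuthZ plugin should fail closed when the body it needs to decide on is absent. The following is an added example, not code from the article or from Docker: a minimal request-authorization policy in Go, using the documented AuthZPlugin.AuthZReq request and response fields, with a hypothetical "no privileged containers" rule on `POST /containers/create`. It shows the weak, fail-open decision beside the fail-closed one; the HTTP server and plugin manifest a real plugin needs are left out.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// AuthZReq mirrors the JSON the daemon POSTs to /AuthZPlugin.AuthZReq (documented
// plugin protocol fields; RequestBody is base64 on the wire, raw bytes here).
type AuthZReq struct {
	RequestMethod string `json:"RequestMethod"`
	RequestURI    string `json:"RequestUri"`
	RequestBody   []byte `json:"RequestBody"`
}

// AuthZRes is the plugin's reply to the daemon.
type AuthZRes struct {
	Allow bool   `json:"Allow"`
	Msg   string `json:"Msg,omitempty"`
}

// needsBody marks endpoints whose security-relevant fields live in the body (simplified match).
func needsBody(r AuthZReq) bool {
	return r.RequestMethod == "POST" && strings.Contains(r.RequestURI, "/containers/create")
}

// DecideFailOpen is the weak policy. An empty body fails to unmarshal and so
// reads as "not privileged": the bodiless request is allowed.
func DecideFailOpen(r AuthZReq) AuthZRes {
	var spec struct{ HostConfig struct{ Privileged bool } }
	if needsBody(r) && json.Unmarshal(r.RequestBody, &spec) == nil && spec.HostConfig.Privileged {
		return AuthZRes{Allow: false, Msg: "privileged containers are not allowed"}
	}
	return AuthZRes{Allow: true}
}

// DecideFailClosed refuses to decide on a body it never received.
func DecideFailClosed(r AuthZReq) AuthZRes {
	if needsBody(r) && len(r.RequestBody) == 0 {
		return AuthZRes{Allow: false, Msg: "request body missing; denied"}
	}
	return DecideFailOpen(r)
}

// Constructed bodiless create request, as the daemon would forward it.
func main() {
	r := AuthZReq{RequestMethod: "POST", RequestURI: "/v1.45/containers/create"}
	fmt.Printf("fail-open: %+v\nfail-closed: %+v\n", DecideFailOpen(r), DecideFailClosed(r))
}
```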

Impacted Versions and Users

CVE-2024-41110 affects Docker Engine versions up to v19.03.15, v20.10.27, v23.0.14, v24.0.9, v25.0.5, v26.0.2, v26.1.4, v27.0.3, and v27.1.0. Users relying on authorization plugins for access control are particularly vulnerable.

However, not all users are at risk. The following are not affected:

  • Users who do not use plugins for authorization.
  • Users of Mirantis Container Runtime.
  • Users of Docker commercial products.

For those impacted, it is crucial to update to the patched versions, v23.0.14 and v27.1.0, as soon as possible.

For users unable to immediately update to a safer version, it is advisable to:

  • Disable AuthZ plugins.
  • Restrict access to the Docker API only to trusted users.

Additionally, the latest version of Docker Desktop, 4.32.0, also includes a vulnerable Docker Engine. Nevertheless, the impact is somewhat limited since exploitation requires access to the Docker API, and any potential privilege escalation is confined to the virtual machine (VM). Docker has announced that the forthcoming Docker Desktop v4.33.0 will fully address this vulnerability, though this update is not yet available for download.

Conclusion

This five-year-old flaw highlights the importance of maintaining robust and continuous security practices in software development and deployment. Docker users are urged to apply the necessary updates promptly and review their security configurations to mitigate the risk of unauthorized access. By taking these steps, users can protect their Docker environments from potential exploitation and preserve the integrity of their systems.

The sources for this article include a story from BleepingComputer.
