Docker×ÊÔ´ÖÎÀí¹ýʧÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-24

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-17150£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.8£¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Docker < 0.6.3


Îó²î¸ÅÊö


DockerÊÇÃÀ¹úDocker¹«Ë¾µÄÒ»¿î¿ªÔ´µÄÓ¦ÓÃÈÝÆ÷ÒýÇæ¡£¡£¡£ ¡£¡£¡£¸Ã²úÆ·Ö§³ÖÔÚLinuxϵͳÉϽ¨ÉèÒ»¸öÈÝÆ÷£¨ÇáÁ¿¼¶ÐéÄâ»ú£©²¢°²ÅźÍÔËÐÐÓ¦ÓóÌÐò£¬£¬£¬£¬£¬£¬£¬ÒÔ¼°Í¨¹ýÉèÖÃÎļþʵÏÖÓ¦ÓóÌÐòµÄ×Ô¶¯»¯×°Öᢰ²ÅźÍÉý¼¶¡£¡£¡£ ¡£¡£¡£


DockerÖеÄdocker-credential-secretservice±£´æ×ÊÔ´ÖÎÀí¹ýʧÎó²î£¬£¬£¬£¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐòÔÚ¶Ô¹¤¾ß¾ÙÐÐÊͷŲÙ×÷֮ǰ£¬£¬£¬£¬£¬£¬£¬Ã»Óмì²é¸Ã¹¤¾ßÊÇ·ñ±£´æ¡£¡£¡£ ¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÌáÉýȨÏÞ²¢Ö´ÐдúÂë¡£¡£¡£ ¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£ ¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬£¬£¬ÏêÇéÇë¹Ø×¢³§ÉÌÖ÷Ò³£º

https://www.docker.com/¡£¡£¡£ ¡£¡£¡£


²Î¿¼Á´½Ó


https://www.zerodayinitiative.com/advisories/ZDI-19-1030/