Advisories » MGASA-2020-0279

Updated docker packages fix security vulnerability

Publication date: 05 Jul 2020
Modification date: 05 Jul 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-13401

Description

Updated docker packages fix security vulnerability:

A flaw was found in Docker when it creates network bridges that accept
IPv6 router advertisements by default. This flaw allows an attacker who
can execute code in a container to possibly spoof rogue IPv6 router
advertisements to perform a man-in-the-middle (MitM) attack against the
host network or another container (CVE-2020-13401).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26815
• https://bugzilla.redhat.com/show_bug.cgi?id=1833233
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13401

SRPMS

7/core

• docker-18.09.9-1.1.mga7