CVE-2024-41110 - Vulnerability Patching Notice - Docker AuthZ Bypass

Vulnerability Title	AuthZ Plugin Bypass Regression in Docker Engine

Vulnerability Title	AuthZ Plugin Bypass Regression in Docker Engine
CVE Number	CVE-2024-41110
CVSS Score (Highest)	10.0 CRITICAL (From GitHub)
UKRI/STFC Criticality Rating	CRITICAL
Vulnerability Notification Date	10/09/2024
Action Completion Date	24/09/2024
Affected Components	Software components: docker-ce (moby) Affected Versions: <= v19.03.15 <= v20.10.27 <= v23.0.14 <= v24.0.9 <= v25.0.5 <= v26.0.2 <= v26.1.4 <= v27.0.3 <= v27.1.0
Impacted Operating Systems	All Operating Systems running the above software packages are affected.
Brief Summary	“Docker’s default authorization model is all-or-nothing. Users with access to the Docker daemon can execute any Docker command. For greater access control, authorization plugins (AuthZ) can be used. These plugins approve or deny requests to the Docker daemon based on authentication and command context. In 2018, a security issue was discovered where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later versions, resulting in a regression.” - Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine \| Docker
Links to detailed information	Information from the NVD at NIST (US) and Links to patch commits: NVD - CVE-2024-41110 GitHub Security Advisory: Authz zero length regression Docker Community Notice: Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine \| Docker
CWE - Common Weakness Enumeration (Category)	http://cwe.mitre.org/data/definitions/863.html CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') (4.15) CWE - CWE-187: Partial String Comparison (4.15)
Patched Component Versions	Software Component: docker-ce Patched Versions: > v23.0.14 > v26.1.4 > v27.1.0
How do I check if my machine is affected?	Ubuntu 20.04 Focal	Run the following command to check the installed version of `docker-ce`: `sudo apt info docker-ce \| grep Version` If the returned version substring does not match one of the patched versions above, you are affected.
	Ubuntu 22.04 Jammy	Run the following command to check the installed version of `docker-ce`: `sudo apt info docker-ce \| grep Version` If the returned version substring does not match one of the patched versions above, you are affected.
	Rocky 8	Run the following command to check the installed version of `docker-ce`: `dnf info docker-ce \| grep Version` If the returned version substring does not match one of the patched versions above, you are affected.
	Rocky 9	Run the following command to check the installed version of `docker-ce`: `dnf info docker-ce \| grep Version` If the returned version substring does not match one of the patched versions above, you are affected.
How do I fix my affected machines?	Ubuntu 20.04 Focal	Run the following commands to update all system packages, and reboot the machine to apply the change: `sudo apt udpate && sudo apt upgrade -Y` `sudo reboot`
	Ubuntu 22.04 Jammy	Run the following commands to update all system packages, and reboot the machine to apply the change: `sudo apt udpate && sudo apt upgrade -Y` `sudo reboot`
	Rocky 8	Run the following commands to update all system packages, and reboot the machine to apply the change: `sudo dnf update && sudo reboot`
	Rocky 9	Run the following commands to update all system packages, and reboot the machine to apply the change: `sudo dnf update && sudo reboot`
Do I need to do anything else?	N/A
Contact Information	If you have any questions, concerns, or need assistance regarding this vulnerability notice please submit a ticket to cloud-support@stfc.ac.uk, including the name of the vulnerability in the subject line and we’ll get back to you as soon as possible.