Debian Security Advisory 4716-1

Debian Security Advisory 4716-1: Posted Jul 28, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4716-1 - Etienne Champetier discovered that Docker, a Linux container runtime, created network bridges which by default accept IPv6 router advertisements. This could allow an attacker with the CAP_NET_RAW capability in a container to spoof router advertisements, resulting in information disclosure or denial of service.; tags | advisory, denial of service, spoof, info disclosure; systems | linux, debian; advisories | CVE-2020-13401; SHA-256 | 976ff74ee264ecd7bc43b910ba7569f08c64d05307bf0989ad61ef28957a457e; Download | Favorite | View

Debian Security Advisory 4716-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4716-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 02, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : docker.io
CVE ID         : CVE-2020-13401
Debian Bug     : 962141

Etienne Champetier discovered that Docker, a Linux container runtime,
created network bridges which by default accept IPv6 router advertisements.
This could allow an attacker with the CAP_NET_RAW capability in a
container to spoof router advertisements, resulting in information
disclosure or denial of service.

For the stable distribution (buster), this problem has been fixed in
version 18.09.1+dfsg1-7.1+deb10u2.

We recommend that you upgrade your docker.io packages.

For the detailed security status of docker.io please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/docker.io

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl7+KBwACgkQEMKTtsN8
TjbyYBAAg+O+0IgB1qBQyB11lKb7t0MGrqo35/MOnYgQK8jbcqBGPQ0eDAfU9z7R
C7ixPlMZvu90S+pXNonfOTCwZQ+UrlSzM6wc2HNI2mjp+BId0rpPtxIqr1hcDNGz
IAu+hqxFEZhTu6+olK5qyXCRbz38d2Kg/8uS8YznO6IEvhcAjygnSGRR9EfsaC4R
jYMD3tJ8vUgEkJRZmZucicCswqC8WczN8a6fHH6Glbs3eIT2vlFINhFZM8PWQ4E/
vtjf8+JPkfrTe7Y2/SMnBkE082gS1/WjYrKXj8RAMJ2M2Y61O9RdGX+wD3NOwjS0
/6PVf2T9+/QbNAQrQFGcnw3uvsSbSiFgaFGhGuI+DJ6yJfrgXSO1Iis9wrCZ0DlK
MLJrDP+u+ZQm7U6GNYNiwBnHocl9s4cYNhTj5QaEM76O51Wt2MVuj4t777W9Zdp9
Jt1lFwHJb1KHizYSxySEp3AJcAcSXv89JA2dxtSdEZGojaPoXouRfXqvybWNu2hP
wvpWqYeRHlXw32kpq7xrb1uEMkMBlkh6O/d8JeNpFI/Hd3Cl610JbGIYLhTK5A9w
m5q4nGADFF0SDEFQmZEVKFJNIlIQKX7MspdAc7nPBfGWQ8Xhttx4Vag0z6HvSxDS
ST2wwG0W5O4NNjr3ibdm6JpEgGcZjWDPgqFSH5UkKgDC712SyUc=
=vIL3
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 383 files
Ubuntu 90 files
Debian 27 files
Gentoo 18 files
tmrswrr 12 files
Ph0s 5 files
R0ckE7 5 files
Google Security Research 4 files
Rahad Chowdhury 4 files
Chizuru Toyama 3 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,911)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,839)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,618)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,135)
UNIX (9,339)
UnixWare (187)
Windows (6,606)
Other

Debian Security Advisory 4716-1

Debian Security Advisory 4716-1

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4716-1

Share This

Debian Security Advisory 4716-1

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems