Docker · Docker Desktop · CVE-2024-6222
Name of the Vulnerable Software and Affected Versions:
Docker Desktop versions prior to 4.29.0
Description:
The issue is related to insufficient restriction of the communication channel for given endpoints, allowing an attacker who has gained access to the Docker Desktop VM through a container breakout to further escape to the host by passing extension- and dashboard-related IPC messages. Exploitation requires the "Allow only extensions distributed through the Docker Marketplace" setting to be disabled.
Recommendations:
For Docker Desktop versions prior to 4.29.0, update to version 4.29.0 or later to fix the issue on macOS, Linux, and Windows with the Hyper-V backend. Additionally, consider enabling the "Allow only extensions distributed through the Docker Marketplace" setting, which Docker Desktop version 4.31.0 introduced as the default, to prevent exploitation. As a temporary workaround, consider disabling the extension manager until a patch is available. Restrict access to the vulnerable IPC messages to minimize the risk of exploitation.
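The following script is an added example for checking a workstation against the two conditions the advisory names (a Docker Desktop version below 4.29.0, and the marketplace-only extension setting being disabled). It is not Docker's own tooling. It assumes that `docker version --format '{{.Server.Platform.Name}}'` prints a string of the form "Docker Desktop 4.28.0 (build)", that Docker Desktop stores its settings in a per-platform `settings.json`, and that the marketplace-only setting is stored under the key `onlyMarketplaceExtensions`; the settings file locations and that key name are assumptions and should be confirmed against the installed version before relying on the result.

```python
"""Assess a Docker Desktop install against CVE-2024-6222.

Added example, not Docker's own code. Version string format, settings.json
locations and the `onlyMarketplaceExtensions` key are assumptions.
"""
import json
import os
import platform
import re
import subprocess
from pathlib import Path

FIXED_VERSION = (4, 29, 0)        # first fixed release per the advisory
DEFAULT_ON_VERSION = (4, 31, 0)   # release where the marketplace-only setting became the default
SETTING_KEY = "onlyMarketplaceExtensions"  # assumed settings.json key name

VERSION_RE = re.compile(r"Docker Desktop (\d+)\.(\d+)\.(\d+)")


def parse_desktop_version(platform_name):
    """Return (major, minor, patch) from e.g. 'Docker Desktop 4.28.0 (139021)', or None."""
    match = VERSION_RE.search(platform_name or "")
    if not match:
        return None
    return tuple(int(part) for part in match.groups())


def is_affected(version):
    """True when the version is below the first fixed release."""
    return version is not None and version < FIXED_VERSION


def marketplace_only_enabled(settings):
    """Read the marketplace-only extension setting from a parsed settings.json dict."""
    return bool(settings.get(SETTING_KEY, False))


def assess(platform_name, settings):
    """Combine version and setting into one verdict: 'unknown', 'fixed', 'mitigated' or 'vulnerable'."""
    version = parse_desktop_version(platform_name)
    if version is None:
        return {"version": None, "verdict": "unknown"}
    if not is_affected(version):
        return {"version": version, "verdict": "fixed"}
    # Affected version: the issue is only exploitable when the setting is disabled.
    if marketplace_only_enabled(settings):
        return {"version": version, "verdict": "mitigated"}
    return {"version": version, "verdict": "vulnerable"}


def settings_path():
    """Assumed per-platform location of Docker Desktop's settings.json."""
    system = platform.system()
    if system == "Darwin":
        return Path.home() / "Library/Group Containers/group.com.docker/settings.json"
    if system == "Windows":
        return Path(os.environ.get("APPDATA", "")) / "Docker" / "settings.json"
    return Path.home() / ".docker/desktop/settings.json"


def load_settings(path):
    """Load settings.json; a missing or unreadable file is treated as 'setting not enabled'."""
    try:
        return json.loads(Path(path).read_text())
    except (OSError, ValueError):
        return {}


def live_platform_name():
    """Ask the running daemon for its platform name (requires Docker Desktop to be running)."""
    result = subprocess.run(
        ["docker", "version", "--format", "{{.Server.Platform.Name}}"],
        capture_output=True, text=True, check=False,
    )
    return result.stdout.strip()


if __name__ == "__main__":
    report = assess(live_platform_name(), load_settings(settings_path()))
    print(report)
    if report["verdict"] == "vulnerable":
        print("Update to Docker Desktop 4.29.0 or later, or enable the marketplace-only extension setting.")
```

Run it on the workstation itself; the verdict distinguishes a patched install, an affected install that is protected only by the setting, and an affected install with the setting off, which is the case the advisory's recommendations address.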