PT-2017-17720 · Nixos+1 · Nixos+1
Published
2017-04-04
·
Updated
2020-05-07
·
CVE-2017-7412
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NixOS versions prior to 17.03.887
Description
The issue allows local users to gain privileges by executing docker commands, due to a world-writable Docker socket.
Recommendations
For versions prior to 17.03.887, update to version 17.03.887 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Docker
Nixos