PT-2019-3466 · Docker+3 · Docker+3

Published

2019-07-29

·

Updated

2026-05-18

·

CVE-2019-14271

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Docker versions 19.03.x through 19.03.0
Description The issue is related to code injection when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. This can occur in Docker linked against the GNU C Library (aka glibc). Exploitation of the vulnerability may allow a remote attacker to impact data integrity, gain unauthorized access to protected information, and cause a denial of service.
Recommendations For Docker versions 19.03.x through 19.03.0, update to version 19.03.1 or later to resolve the issue. As a temporary workaround, consider restricting the dynamic loading of libraries inside a chroot to minimize the risk of exploitation. Avoid using the nsswitch facility in affected environments until the issue is resolved.

Fix

Improper Initialization

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-665CWE-94

Related Identifiers

ALT-PU-2019-2464
ALT-PU-2019-2670
ALT-PU-2020-1459
ALT-PU-2020-2987
ALT-PU-2020-3029
BDU:2019-03640
CLEANSTART-2026-BK59402
CLEANSTART-2026-BN11148
CLEANSTART-2026-GY69323
CLEANSTART-2026-HI89495
CLEANSTART-2026-HL71566
CLEANSTART-2026-JD48541
CLEANSTART-2026-OS18490
CLEANSTART-2026-SB85645
CLEANSTART-2026-SP51034
CLEANSTART-2026-TD34476
CLEANSTART-2026-XL45869
CLEANSTART-2026-YB44027
CLEANSTART-2026-ZM20570
CVE-2019-14271
DSA-4521-1
GHSA-V2CV-WWXQ-QQ97
GO-2024-2521
OPENSUSE-SU-2019:2021-1
OPENSUSE-SU-2019_2021-1
OPENSUSE-SU-2024:10722-1
OPENSUSE-SU-2025:15589-1
SUSE-SU-2019:2117-1
SUSE-SU-2019:2119-1
SUSE-SU-2025:03540-1
SUSE-SU-2025:03545-1

Affected Products

Alt Linux
Docker
Gnu C Library
Suse