Ubuntu alert USN-8230-1 (docker.io-app)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8230-1] Docker vulnerabilities | |
| Date: | Wed, 06 May 2026 03:44:27 +0000 | |
| Message-ID: | <E1wKTBT-0007NU-7z@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-8230-1 May 06, 2026 docker.io-app vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Docker. Software Description: - docker.io-app: Linux container runtime Details: It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing frontend API messages. An attacker could possibly use this issue to write files outside of the intended state directory. (CVE-2026-33747) It was discovered that BuildKit, contained within Docker, incorrectly validated the subdir component of Git URL fragments. An attacker could possibly use this issue to access files outside of the checked-out repository root. (CVE-2026-33748) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS docker.io 29.1.3-0ubuntu4.1 Ubuntu 24.04 LTS docker.io 29.1.3-0ubuntu3~24.04.2 Ubuntu 22.04 LTS docker.io 29.1.3-0ubuntu3~22.04.2 Ubuntu 20.04 LTS docker.io 26.1.3-0ubuntu1~20.04.1+esm2 Available with Ubuntu Pro After a standard system update you need to restart Docker to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8230-1 CVE-2026-33747, CVE-2026-33748 Package Information: https://launchpad.net/ubuntu/+source/docker.io-app/29.1.3... https://launchpad.net/ubuntu/+source/docker.io-app/29.1.3... https://launchpad.net/ubuntu/+source/docker.io-app/29.1.3...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmn6tvUACgkQcpJm3tlz hgEaOw/8DYdPoH2KDW4m1jEqarBi9r8cJy/3nq9ZKIcsfR+zUltNMDm+ExM1GV/N 4JoIUfUiri4WClfT9ae9lYi1pUhBKSf+dgRZmp3TFShskoG3Wp1G07U80pDMHuAz usJUv9b0KnCsdJYFJOQfXE4KdVUOR9SiCjzEDmdNcXGrt2mGkAPSOqAlQlhsiOhL ol/U+HeYp6wdhfmQBZn5MwtZNQiWvaQltRsutm5UuaqkqErlT6qiwZTMB0JquYFQ 15wk9LnK8sRmQoDpRd714prE9kAzUoWpwI/wnaQw9SvFHQhG6veBobwvSNUT+7kb ArHYUPa677HipaY2xUwCNt7sk9ktEDmvAH8hP+ZfmIsuahVJ2i21PqKEFSm1hNpl /VRSMNzY+RC13Geeelirus9TEK8MxM4oI+aWjIAMf050wP5WjzNLRBQ4913iI2N6 QmhC1ReMU1sBKM1k+227bBTZv3kGl4ArPYJGOxKeN1D8PBo2wyhz9DtWQI0viZRM s9sJ+EDIo1SPB6swww7D4PJ3HUeLaVReuS/Wpe0k4xMZU4q2V9bAMYFtAUkOpAkT lN6OlfVU7dRQkiVCy4Sw+HZaT68iDXV0fqk8Z5xmcyUnTbne3yyNLSNEyZvgxqia KVUm6h6H5tFZiePf9pyDKVsbxotjq552yTe3CtPtfKryV+HE1+M= =aBTl -----END PGP SIGNATURE-----