HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-01T01:00:00

Updated: 2024-08-05T09:54:03.679Z

Reserved: 2018-08-18T00:00:00

Link: CVE-2018-15514

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2018-09-01T01:29:00.233

Modified: 2018-11-09T14:23:25.050

Link: CVE-2018-15514

Redhat

No data.