USN-4103-1: docker-credential-helpers vulnerability
19 August 2019
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
docker-credential-helpers could be made to crash or run programs as your login
- golang-github-docker-docker-credential-helpers - Use native stores to safeguard Docker credentials
Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.