Design/Logic Flaw

2023-09-2516:15:00

PRIOn knowledge base

www.prio-n.com

design/logic flaw

docker desktop

ipc response spoofing

local privilege escalation

nvd

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop: 4.11.X.

CPENameOperatorVersion
docker_desktopge4.11.0
docker_desktoplt4.12.0

CPE	Name	Operator	Version
	docker_desktop	ge	4.11.0
	docker_desktop	lt	4.12.0

References

docs.docker.com/desktop/release-notes/