Symlink Vulnerability in Docker Desktop for Windows by Docker
CVE-2022-38730
6.3 MEDIUM
What is CVE-2022-38730?
Docker Desktop for Windows prior to version 4.6 is susceptible to a symlink vulnerability that allows attackers to overwrite arbitrary files. The flaw is in the windowscontainers/start dockerBackendV2 API, which does not properly control the data-root field of the DaemonJSON configuration. An adversary who controls that field can exploit a Time of Check to Time of Use (TOCTOU) condition on the local-kv.db file located in the dataRoot path, which allows unauthorized manipulation of files on the host system.