CVE-2021-21285 affects Docker versions < 19.03.15 and >= 20.0.0, < 20.10.3. Learn about the impact, technical details, and mitigation steps for this vulnerability.
A vulnerability in Docker versions < 19.03.15 and >= 20.0.0, < 20.10.3 allows an attacker to crash the dockerd daemon by pulling a malformed Docker image manifest. Versions 20.10.3 and 19.03.15 include patches that prevent this crash.
Understanding CVE-2021-21285
This CVE highlights a vulnerability in Docker that can lead to a denial of service condition due to a crash in the dockerd daemon.
What is CVE-2021-21285?
CVE-2021-21285 is a vulnerability in specific versions of Docker that allows a malicious Docker image manifest to crash the dockerd daemon.
The Impact of CVE-2021-21285
This vulnerability is rated medium severity, with a CVSS base score of 6.5. An attacker can exploit this flaw to cause a denial of service by crashing the dockerd daemon.
Technical Details of CVE-2021-21285
This section covers the technical aspects of the vulnerability.
Vulnerability Description
The vulnerability arises from pulling a specially crafted Docker image manifest that causes the dockerd daemon to crash.
Affected Systems and Versions
Docker versions earlier than 19.03.15 are affected, as are versions from 20.0.0 up to, but not including, 20.10.3.
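The version ranges above can be checked mechanically. The script below is an added example, not code from Docker or from the advisory; the function names `to_dec` and `cve_2021_21285_status` are hypothetical, and the host names and version strings in the inventory are constructed. An unparsable version is reported as "unknown" so that it is not mistaken for a patched host.

```shell
#!/bin/sh
# Added example, not Docker project code: classify an Engine version string
# against the affected ranges this page gives for CVE-2021-21285.

# Print a numeric field in decimal, so "09" is not parsed as octal later.
to_dec() {
    case $1 in ''|*[!0-9]*|?????*) return 1 ;; esac   # digits only, max 4
    d=$(printf '%s' "$1" | sed 's/^0*//')
    printf '%s\n' "${d:-0}"
}

# Hypothetical helper: prints "affected", "not-affected" or "unknown".
cve_2021_21285_status() {
    v=${1#v}            # tolerate a leading "v"
    v=${v%%[-+~]*}      # drop suffixes such as "-ce" or "~3-0~ubuntu"
    case $v in *.*.*) ;; *) echo unknown; return 0 ;; esac
    rest=${v#*.}
    maj=$(to_dec "${v%%.*}")    || { echo unknown; return 0; }
    min=$(to_dec "${rest%%.*}") || { echo unknown; return 0; }
    pat=$(to_dec "${rest#*.}")  || { echo unknown; return 0; }
    # The packed comparison below needs minor and patch to fit in two digits.
    if [ "$min" -gt 99 ] || [ "$pat" -gt 99 ]; then echo unknown; return 0; fi
    n=$((maj * 10000 + min * 100 + pat))
    # Affected: < 19.03.15, or >= 20.0.0 and < 20.10.3.
    if [ "$n" -lt 190315 ] || { [ "$n" -ge 200000 ] && [ "$n" -lt 201003 ]; }; then
        echo affected
    else
        echo not-affected
    fi
}

# Constructed sample inventory ("host version"); these are not real hosts.
inventory='build-01 19.03.14
build-02 19.03.15
ci-runner 20.10.2-ce
edge-01 v20.10.3
legacy-01 18.09.9~3-0~ubuntu-bionic
unparsed twenty'

printf '%s\n' "$inventory" | while read -r host ver; do
    printf '%-10s %-28s %s\n' "$host" "$ver" "$(cve_2021_21285_status "$ver")"
done
```

On a live host, the daemon's version can be passed in with `cve_2021_21285_status "$(docker version --format '{{.Server.Version}}')"`.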
Exploitation Mechanism
Exploitation occurs when the dockerd daemon pulls a Docker image manifest designed to crash it.
Mitigation and Prevention
To protect your system from CVE-2021-21285, follow the mitigation strategies below.
Immediate Steps to Take
Update Docker to version 20.10.3 or 19.03.15 to apply the patches that prevent the daemon crash.
Long-Term Security Practices
Regularly update Docker to the latest versions and monitor security advisories for any new vulnerabilities.
Patching and Updates
Install security patches promptly and ensure that Docker is always up to date to mitigate potential risks.