ALAS-2020-1376


Amazon Linux 1 Security Advisory: ALAS-2020-1376
Advisory Release Date: 2020-05-29 21:52 Pacific
Advisory Updated Date: 2020-06-03 17:24 Pacific
Severity: Important

Issue Overview:

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.(CVE-2020-13401)


Affected Packages:

docker


Issue Correction:
Run yum update docker to update your system.

New Packages:
src:
    docker-19.03.6ce-4.58.amzn1.src

x86_64:
    docker-19.03.6ce-4.58.amzn1.x86_64
    docker-debuginfo-19.03.6ce-4.58.amzn1.x86_64