CVE-2024-6222

HIGH EPSS 42.2%

Published Jul 9, 20241y ago · Modified Jun 17, 20261w ago

7.3 CVSS 4.0

High

Published Jul 9, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/#4290 fixes the issue on MacOS, Linux and Windows with Hyper-V backend. As exploitation requires "Allow only extensions distributed through the Docker Marketplace" to be disabled, Docker Desktop v4.31.0 https://docs.docker.com/desktop/release-notes/#4310 additionally changes the default configuration to enable this setting by default.

CVSS Details

Base Score

7.3

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Local

Attack Complexity Low

Privileges Required High

User Interaction P

Scope X

Threat Intelligence

EPSS Exploit Probability

42.2% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-923

Affected Products 4

Vendor	Product	Version	Range
docker	desktop	*	<4.29.0
apple	macos	*	any
linux	linux_kernel	*	any
microsoft	windows	*	any

References 1

docs.docker.com https://docs.docker.com/desktop/release-notes/#4290

Release Notes

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.