Docker Engine 19.03 release notes 19.03.15

- Fix slow Windows container start time when using servercore image moby/moby#41192.
- Fix bug preventing logout from registry when using multiple config files (e.g. Windows vs WSL2 when using Docker Desktop) docker/cli#2592.

In the Docker default configuration, the container network interface is a virtual ethernet link going to the host (veth interface). In this configuration, an attacker able to run a process as root in a container can send and receive arbitrary packets to the host using the CAP_NET_RAW capability (present in the default configuration). If IPv6 is not totally disabled on the host (via ipv6.disable=1 on the kernel cmdline), it will be either unconfigured or configured on some interfaces, but it's pretty likely that IPv6 forwarding is disabled, that is, /proc/sys/net/ipv6/conf//forwarding = 0. Also by default, /proc/sys/net/ipv6/conf//accept_ra = 1. The combination of these 2 sysctls means that the host accepts router advertisements and configures the IPv6 stack using them. By sending "rogue" router advertisements from a container, an attacker can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker-controlled container. Even if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first and then fall back to IPv4, giving the attacker an opportunity to respond.
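As an added host-side check (example code written for this page, not Docker's own code): it reads the forwarding and accept_ra sysctls per interface and reports which interfaces would apply a received router advertisement. It goes slightly beyond the text by also flagging accept_ra=2, the mode in which the kernel honours RAs even with forwarding enabled; the names and values in SAMPLE_CONF are constructed.

```python
"""Report host interfaces that would honour an IPv6 router advertisement.

Linux sysctl semantics assumed here:
  accept_ra = 0 -> never accept RAs
  accept_ra = 1 -> accept RAs only while forwarding is disabled (the default combination above)
  accept_ra = 2 -> accept RAs even when forwarding is enabled
"""
from pathlib import Path

IPV6_CONF = Path("/proc/sys/net/ipv6/conf")


def ra_exposed(forwarding: int, accept_ra: int) -> bool:
    """True when the kernel would apply a received RA on this interface."""
    if accept_ra == 2:
        return True
    return accept_ra == 1 and forwarding == 0


def assess(conf: dict) -> list:
    """conf maps interface name -> {"forwarding": int, "accept_ra": int}.
    Returns the sorted names of real interfaces that would accept RAs."""
    pseudo = {"all", "default"}  # sysctl pseudo-entries, not interfaces
    return sorted(
        name for name, v in conf.items()
        if name not in pseudo and ra_exposed(v["forwarding"], v["accept_ra"])
    )


def read_host_conf(root: Path = IPV6_CONF) -> dict:
    """Read the live sysctl values from /proc (Linux only)."""
    conf = {}
    for iface in root.iterdir():
        try:
            conf[iface.name] = {
                key: int((iface / key).read_text().strip())
                for key in ("forwarding", "accept_ra")
            }
        except (OSError, ValueError):
            continue  # interface vanished or key unreadable; skip it
    return conf


# Constructed sample resembling a default Docker host: forwarding off,
# accept_ra left at 1 on the host side of a container veth link;
# docker0 shows the hardened setting accept_ra=0 for comparison.
SAMPLE_CONF = {
    "all": {"forwarding": 0, "accept_ra": 1},
    "default": {"forwarding": 0, "accept_ra": 1},
    "eth0": {"forwarding": 0, "accept_ra": 1},
    "vethabc123": {"forwarding": 0, "accept_ra": 1},
    "docker0": {"forwarding": 0, "accept_ra": 0},
}

if __name__ == "__main__":
    for name in assess(SAMPLE_CONF):
        print(f"{name}: accepts router advertisements; set accept_ra=0 on container links")
```

On a live host, replace SAMPLE_CONF with read_host_conf() to audit the real interfaces.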