Docker Desktop Vulnerability and Security

Aug 30, 2025

Overview

This lecture covers a critical Docker Desktop vulnerability (CVE-2025-9074) that allows easy container escape, discusses its implications, and suggests mitigation strategies.

Docker Images and Containers

  • A Docker image packages code and dependencies, acting as a binary blob for deployment.
  • Unlike virtual machines (VMs), Docker containers do not ship an entire OS but rely on the host OS for core functions.
  • Containers use Linux namespaces to isolate the file system, processes, and users, creating a sandboxed environment.
  • Docker aims to provide code portability and isolation both between containers and from the host system.

The Vulnerability: CVE-2025-9074

  • This vulnerability is not in Docker Engine, but in Docker Desktop’s implementation.
  • Docker Desktop exposes an API to containers that can be exploited for privilege escalation.
  • From inside a malicious container, attackers can perform HTTP POST requests to the exposed API to start privileged containers, mount the Windows C: drive, and access host files.
  • The bug enables file reading/writing on the host with limited commands, bypassing container isolation.
  • Exploitation works on Docker Desktop for Windows (no prompt/authentication) and partially on macOS (some user prompts), but not on Linux.

Exploitation Steps

  • An attacker uses a malicious container to send an HTTP request to the Docker Desktop API.
  • The request starts a new container, mounts the host's C: drive, and enables arbitrary file access.
  • Even non-admin containers can write files to user directories on the host.

Security Lessons and Recommendations

  • Internal APIs like Docker’s should require authentication even if not public-facing.
  • Exposing powerful APIs without access controls weakens container isolation guarantees.
  • Any container running with these permissions can act with the same authority as the Docker Desktop engine.

Key Terms & Definitions

  • Docker Image — A package containing code and its dependencies for creating containers.
  • Container — An isolated execution environment for running software, sharing the host OS kernel.
  • Namespace — A Linux feature that isolates resources (such as file systems and processes) for containers.
  • CVE (Common Vulnerabilities and Exposures) — A cataloged security vulnerability.
  • Privilege Escalation — Gaining higher access rights than intended by exploiting a bug.

Action Items / Next Steps

  • Update Docker Desktop to the latest version with the vulnerability patched.
  • Use minimal, secure container images (e.g., from Chainguard).
  • Apply access controls and authentication to any Docker APIs.
  • Review and limit permissions for containers in sensitive environments.
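
Added example (not from the lecture or from Docker): one way to carry out the permission review above is to scan `docker inspect` JSON for the two traits the exploit leaves behind, a privileged container and a bind mount of a whole host drive. The function names and the `HOST_DRIVE_PREFIXES` paths are assumptions for illustration, and the sample data is constructed.

```python
import json

# Assumption: prefixes under which Docker Desktop's Linux VM exposes Windows
# drives. They are not from the lecture; adjust them for your installation.
HOST_DRIVE_PREFIXES = ("/run/desktop/mnt/host/", "/host_mnt/", "/mnt/host/")

def is_broad_host_mount(source):
    """True if a bind source is a filesystem root or a whole host drive."""
    if not source:
        return False
    src = source.replace("\\", "/").rstrip("/")
    if src == "":  # source was "/"
        return True
    if len(src) == 2 and src[0].isalpha() and src[1] == ":":  # drive root, e.g. C:/
        return True
    return any((src + "/").startswith(p) and "/" not in src[len(p):]
               for p in HOST_DRIVE_PREFIXES)

def audit_containers(inspect_json):
    """Map container name -> findings, from `docker inspect` JSON output."""
    report = {}
    for c in json.loads(inspect_json):
        findings = []
        if (c.get("HostConfig") or {}).get("Privileged"):
            findings.append("privileged")
        for m in c.get("Mounts") or []:
            if m.get("Type") == "bind" and is_broad_host_mount(m.get("Source")):
                mode = "rw" if m.get("RW") else "ro"
                findings.append(f"{m['Source']} -> {m.get('Destination')} ({mode})")
        if findings:
            report[c.get("Name", "?").lstrip("/")] = findings
    return report

# Constructed sample, trimmed to the fields the audit reads.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "HostConfig": {"Privileged": False},
     "Mounts": [{"Type": "bind", "RW": True, "Destination": "/srv",
                 "Source": "/run/desktop/mnt/host/c/Users/dev/site"}]},
    {"Name": "/builder", "HostConfig": {"Privileged": True}, "Mounts": []},
    {"Name": "/helper", "HostConfig": {"Privileged": True},
     "Mounts": [{"Type": "bind", "RW": True, "Destination": "/host",
                 "Source": "/run/desktop/mnt/host/c"}]},
])

if __name__ == "__main__":
    for name, findings in audit_containers(SAMPLE_INSPECT).items():
        print(f"{name}: {'; '.join(findings)}")
```

On a real host, feed it the JSON printed by `docker inspect` for all containers, stopped ones included, since a container started through the exposed API may already have exited.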