*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Eduardo Barretto
(ebarretto):
On Ubuntu 22.04.1, Docker service (installed by docker.io) crashes on
invalid Dockerfile with a stack overflow:
```
runtime: goroutine stack exceeds 1000000000-byte limit
runtime: sp=0xc038412398 stack=[0xc038412000, 0xc058412000]
fatal error: stack overflow
```
To reproduce, run `docker build .` with the following contents of
Dockerfile:
```Dockerfile
FROM scratch AS base
COPY --from=build /foo /bar
FROM base AS build
```
Docker v27.3.1 (installed from outside of official Ubuntu repository)
handles this issue properly:
```
[+] Building 0.0s (2/2) FINISHED
docker:default
=> [internal] load build definition from Dockerfile
0.0s
=> => transferring dockerfile: 108B
0.0s
=> [internal] load .dockerignore
0.0s
=> => transferring context: 2B
0.0s
Dockerfile:3
--------------------
1 | FROM scratch AS base
2 |
3 | >>> COPY --from=build /foo /bar
4 |
5 | FROM base AS build
--------------------
ERROR: failed to solve: cannot copy from stage "build", it needs to be defined
before current stage "base"
```
Since this issue could be used to make Denial-of-Service attacks in
build servers which use Docker, I have flagged this issue as a "security
issue".
** Affects: docker.io (Ubuntu)
Importance: Undecided
Status: New
--
Docker service crashes on invalid Dockerfile
https://bugs.launchpad.net/bugs/2088263
You received this bug notification because you are a member of Ubuntu Bugs,
which is subscribed to the bug report.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
