Full Report
A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The vulnerability, tracked as CVE-2026-34040 (CVSS score: 8.8), stems from an incomplete fix for CVE-2024-41110, a maximum-severity vulnerability in the same component that came to light in July 2024.
Analysis Summary
# Vulnerability: Docker Engine AuthZ Plugin Bypass (Incomplete Fix)
## CVE Details
- **CVE ID:** CVE-2026-34040
- **CVSS Score:** 8.8 (High)
- **CWE:** Not specifically named in the text, but relates to improper input validation and authentication bypass (e.g., CWE-20 / CWE-287).
## Affected Systems
- **Products:** Docker Engine (Moby)
- **Versions:** All versions prior to 29.3.1 (specifically those implementing the fix for CVE-2024-41110).
- **Configurations:** Systems utilizing **Authorization Plugins (AuthZ)** that rely on inspecting the HTTP request body to make access control decisions.
## Vulnerability Description
CVE-2026-34040 is an incomplete fix for a previous critical vulnerability (CVE-2024-41110). The flaw lies in how the Docker daemon handles oversized HTTP request bodies. When a request body exceeds 1MB (for example because it has been intentionally padded), the Docker daemon may drop the body before forwarding the request to an Authorization Plugin (AuthZ).
Because the AuthZ plugin receives a request with an empty body, it may default to "allow" if it finds no prohibited content to block. However, the Docker daemon still processes the full, padded request internally. This allows an attacker to bypass security policies intended to prevent actions such as creating privileged containers or mounting sensitive host file systems.
## Exploitation
- **Status:** PoC available (the researchers describe the technique in detail; AI agents have been shown capable of constructing the exploit on their own).
- **Complexity:** Low (Requires only a specially crafted HTTP request with padding).
- **Attack Vector:** Network (Targeting the Docker API).
## Impact
- **Confidentiality:** High (Full host file system access; exposure of SSH keys, cloud credentials, and K8s configs).
- **Integrity:** High (Ability to create privileged containers and modify host files).
- **Availability:** High (Potential for full host takeover).
## Remediation
### Patches
- Update Docker Engine to version **29.3.1** or later.
### Workarounds
- **Rootless Mode:** Run Docker in rootless mode to ensure that even if a privileged container is created, its "root" maps to an unprivileged user on the host.
- **API Restriction:** Limit access to the Docker API to trusted users only via the principle of least privilege.
- **Avoid Body-Dependent AuthZ:** Stop relying on AuthZ plugins whose security decisions depend on inspecting the request body, or at minimum ensure such plugins deny requests that arrive without a body.
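The following is an added example, not code from the Docker/Moby project or from the advisory, showing the fail-closed behaviour that a body-inspecting AuthZ plugin needs in light of the description above (an empty body reaching the plugin) and the workaround just listed. It is a minimal Go decision function modelled on the documented AuthZ plugin wire format (the field names `RequestMethod`, `RequestUri`, `RequestBody`, `Allow`, `Msg` and the `/AuthZPlugin.AuthZReq` endpoint come from that API); the policy rules, the list of sensitive host paths and the listening port are constructed for illustration. A container-create request that arrives with no body is denied instead of being allowed by default, and a body that is present is checked for privileged mode, host namespaces and sensitive bind mounts.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"regexp"
	"strings"
)

// AuthZRequest mirrors the fields the daemon posts to /AuthZPlugin.AuthZReq.
// RequestBody arrives base64-encoded on the wire, which encoding/json maps to []byte.
type AuthZRequest struct {
	User           string            `json:"User,omitempty"`
	RequestMethod  string            `json:"RequestMethod"`
	RequestURI     string            `json:"RequestUri"`
	RequestBody    []byte            `json:"RequestBody,omitempty"`
	RequestHeaders map[string]string `json:"RequestHeaders,omitempty"`
}

// AuthZResponse is the plugin's verdict as the daemon expects it.
type AuthZResponse struct {
	Allow bool   `json:"Allow"`
	Msg   string `json:"Msg,omitempty"`
	Err   string `json:"Err,omitempty"`
}

// createBody holds only the HostConfig fields this constructed policy inspects.
type createBody struct {
	HostConfig struct {
		Privileged  bool     `json:"Privileged"`
		Binds       []string `json:"Binds"`
		PidMode     string   `json:"PidMode"`
		NetworkMode string   `json:"NetworkMode"`
	} `json:"HostConfig"`
}

// createRe matches the container-create route with or without an API version prefix.
var createRe = regexp.MustCompile(`^(/v[0-9.]+)?/containers/create(\?.*)?$`)

// sensitivePrefixes is a constructed, illustrative list of host paths this policy refuses to bind-mount.
var sensitivePrefixes = []string{"/etc", "/root", "/var/run/docker.sock"}

// Decide applies a fail-closed policy to container creation: when the body the
// plugin needs to inspect is missing, it denies rather than defaulting to allow.
func Decide(r AuthZRequest) AuthZResponse {
	if r.RequestMethod != http.MethodPost || !createRe.MatchString(r.RequestURI) {
		return AuthZResponse{Allow: true} // not a create request; out of scope for this policy
	}
	if len(r.RequestBody) == 0 {
		// The daemon may have dropped an oversized body. With nothing to inspect,
		// deny instead of assuming the request is harmless.
		return AuthZResponse{Allow: false, Msg: "container create with empty request body denied (fail closed)"}
	}
	var body createBody
	if err := json.Unmarshal(r.RequestBody, &body); err != nil {
		return AuthZResponse{Allow: false, Msg: "unparseable container create body denied", Err: err.Error()}
	}
	hc := body.HostConfig
	switch {
	case hc.Privileged:
		return AuthZResponse{Allow: false, Msg: "privileged containers are not permitted"}
	case hc.PidMode == "host" || hc.NetworkMode == "host":
		return AuthZResponse{Allow: false, Msg: "host PID/network namespaces are not permitted"}
	}
	for _, b := range hc.Binds {
		src := strings.SplitN(b, ":", 2)[0] // host side of "host:container[:opts]"
		if src == "/" {
			return AuthZResponse{Allow: false, Msg: "bind mount of host root denied"}
		}
		for _, p := range sensitivePrefixes {
			if strings.HasPrefix(src, p) {
				return AuthZResponse{Allow: false, Msg: "bind mount of sensitive host path denied: " + src}
			}
		}
	}
	return AuthZResponse{Allow: true}
}

// Handler decodes the daemon's request and writes Decide's verdict back as JSON.
func Handler(w http.ResponseWriter, req *http.Request) {
	var r AuthZRequest
	if err := json.NewDecoder(req.Body).Decode(&r); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}
	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(Decide(r))
}

func main() {
	http.HandleFunc("/AuthZPlugin.AuthZReq", Handler)
	// The response phase (AuthZRes) is not inspected by this example; let it through.
	http.HandleFunc("/AuthZPlugin.AuthZRes", func(w http.ResponseWriter, _ *http.Request) {
		json.NewEncoder(w).Encode(AuthZResponse{Allow: true})
	})
	fmt.Println("listening on :8080 (constructed example; production plugins are reached via a unix socket)")
	http.ListenAndServe(":8080", nil)
}
```

Denying on an empty body only closes the "default allow" path inside the plugin; the daemon-side body handling is still the root cause, so this is a compensating control to run alongside the upgrade to 29.3.1, not a substitute for it.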
## Detection
- **Indicators of Compromise:** Unusual HTTP requests to the Docker API containing significant padding (exceeding 1MB).
- **Detection methods and tools:** Monitor Docker daemon logs for container creation requests that include sensitive options (e.g., `--privileged`, `--host`) which existing AuthZ policies should have blocked. Review the AuthZ plugin's own logs or API traffic for container-creation requests that reached the plugin with an empty body.
## References
- [Docker/Moby Security Advisory (GHSA-x744-4wpc-v9h2)] hxxps://github[.]com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2
- [Cyera Research Labs Technical Report] hxxps://www[.]cyera[.]com/research/one-megabyte-to-root-how-a-size-check-broke-dockers-last-line-of-defense
- [The Hacker News Article] hxxps://thehackernews[.]com/2026/04/docker-cve-2026-34040-lets-attackers[.]html