Docker fixes critical bug

Docker released a patch for a critical authorization bypass that let specially crafted API requests create privileged containers and risk host compromise. The flaw was serious for infra teams because it could escalate from container creation to full host control if left unpatched. (x.com)

Docker has shipped a security fix for a flaw that punched through one of the few fine-grained access controls available in Docker Engine. The bug, tracked as CVE-2026-34040, affected Docker and Moby releases before 29.3.1 and let attackers bypass authorization plugins under specific conditions. Docker included the fix in Engine 29.3.1, released on March 25, 2026, and described it plainly in the release notes as an authorization bypass in AuthZ plugins (docs.docker.com, github.com).

That matters because Docker’s built-in permission model is blunt. If you can talk to the Docker daemon, you can usually do almost anything. Authorization plugins exist to narrow that power: they inspect API requests and decide whether a user should be allowed to create a container, mount host paths, or ask for privileged mode. Docker’s own documentation says these plugins are the mechanism for “granular access policies” on the daemon, which is exactly why a bypass here is so dangerous (docs.docker.com, docker.com).

The bug was not a clean break in authentication. It was stranger than that. A specially crafted API request could make the daemon forward the request to the authorization plugin without the body the plugin needed to evaluate. If the plugin relied on that body to spot risky settings, it could approve an operation it should have blocked. GitHub’s advisory says the issue appears when an oversized request body is used. The result is an authorization check that still runs, but runs half blind (github.com, nvd.nist.gov).

That blind spot is enough to turn routine container creation into something much worse. Security researchers at Cyera said a padded request could be used to create a privileged container with the host filesystem mounted inside it. At that point the container is no longer meaningfully boxed in; it can reach into the host and tamper with the machine that is supposed to be containing it. The Hacker News reported the same practical outcome: bypass the policy layer, launch a privileged container, and risk full host compromise (cyera.com, thehackernews.com).

What makes this story worse is that it is not really new. GitHub’s advisory calls CVE-2026-34040 an incomplete fix for CVE-2024-41110, a critical AuthZ bypass Docker disclosed on July 23, 2024. That earlier bug let attackers abuse requests with `Content-Length: 0` so the plugin never saw the body. Docker said in 2024 that the original class of bug had first been found in 2018, fixed in January 2019, and then accidentally left out of later major versions. The new flaw is the same basic failure mode coming back through a different edge case (github.com, docker.com, github.com).

The scope is narrower than the headline suggests, but not by much for the teams that matter. If you do not use authorization plugins, GitHub says you are not affected. If you do use them, and they inspect request bodies to enforce policy, you are. Docker also said in the 2024 advisory that exploitation usually requires access to the Docker API already, unless the daemon is exposed over TCP. In real infrastructure that is still a serious boundary: plenty of internal systems assume the policy engine in front of the daemon is the last line of defence before dangerous actions like privileged container launches and host mounts (github.com, docker.com, docs.docker.com).

For teams that cannot patch immediately, the official advice is blunt because the bug is blunt. Do not rely on AuthZ plugins that need request-body inspection for security decisions, and restrict Docker API access to trusted parties. But the real fix is the one Docker already shipped: upgrade to Engine 29.3.1, where the release notes list CVE-2026-34040 alongside two other security fixes in the same release (github.com, docs.docker.com).

Shared from Scout - Be the smartest in the room.