Home Explore Blog CI



docker
4th chunk of `content/manuals/desktop/release-notes.md`
d6d1f7f28673de18bbfb3e8f2c293b89960471c7e5f6f4c40000000100001027
- Fixed [CVE-2025-3911](https://www.cve.org/CVERecord?id=CVE-2025-3911) allowing an attacker with read access to a user's machine to obtain sensitive information from Docker Desktop log files, including environment variables configured for running containers.

### Bug fixes and enhancements

#### For all platforms

- Fixed a bug in DockerVMM that caused an excessive number of open file handles on the host.
- Fixed an issue where Docker Desktop failed to start if the `admin-settings.json` file didn't contain the optional `configurationFileVersion` configuration.
- Fixed a bug that was causing outgoing UDP connections to be eagerly closed.
- Enhanced log reading experience with advanced search capabilities and container-level filtering, enabling quicker debugging and troubleshooting.
- Improved error messages when downloading Registry Access Management configuration.
- If Docker can't bind an ICMPv4 socket, it now logs an error and continues rather than quits.
- Enabled the memory protection keys mechanism in the Docker Desktop Linux VM, allowing containers like Oracle database images to run correctly.
- Fixed a problem with containers accessing `/proc/sys/kernel/shm*` sysctls when [Enhanced Container Isolation](/manuals/security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md) is enabled on Mac, Windows Hyper-V, or Linux.
- Added kernel module `nft_fib_inet`, required for running firewalld in a Linux container.
- MacOS QEMU Virtualization option is being deprecated on July 14, 2025.

#### For Mac

- Fixed a bug that caused high CPU usage. Fixes [docker/for-mac#7643](https://github.com/docker/for-mac/issues/7643).
- Fixed multi-arch build issue with Rosetta on M3 Macs.
- Fixed an issue where absence of `/Library/Application Support/com.docker.docker/` directory can cause failure to apply RAM policy restrictions.

#### For Windows

- The Windows `.exe` installer now includes improved handling of locked files. Fixes [docker/for-win#14299](https://github.com/docker/for-win/issues/14299) and [docker/for-win#14316](https://github.com/docker/for-win/issues/14316).
- Fixed `Docker Desktop.exe` not showing version information after installation. Fixes [docker/for-win#14703](https://github.com/docker/for-win/issues/14703).

### Known issues

#### For all platforms

- If you have enforced sign-in using `desktop.plist` (on macOS) or Registry key (on Windows) and also have a `registry.json`, sign-in will fail if the user belongs to an organization listed in `desktop.plist`/ registry key but not to any organizations specified in `registry.json`. To resolve this, remove the `registry.json` file.

#### For Windows

- If multiple organizations are specified in the `allowedOrgs` Windows registry key using space-separated format, sign-in will fail and user will be logged out. As a workaround, specify each organization on a separate line in the registry key value.

## 4.40.0

{{< release-date date="2025-03-31" >}}

{{< desktop-install-v2 all=true beta_win_arm=true version="4.40.0" build_path="/187762/" >}}

### New

- You can now pull, run, and manage AI models from Docker Hub directly in Docker Desktop with [Docker Model Runner (Beta)](/manuals/ai/model-runner.md). Currently available for Docker Desktop for Mac with Apple Silicon.

### Upgrades

- [Docker Buildx v0.22.0](https://github.com/docker/buildx/releases/tag/v0.22.0)
- [Docker Compose v2.34.0](https://github.com/docker/compose/releases/tag/v2.34.0)
- [Docker Engine v28.0.4](https://docs.docker.com/engine/release-notes/28/#2804)
- [Docker Scout CLI v1.17.0](https://github.com/docker/scout-cli/releases/tag/v1.17.0)
- [compose-bridge v0.0.18](https://github.com/docker/compose-bridge-binaries/releases/tag/v0.0.18)
- [NVIDIA Container Toolkit v1.17.5](https://github.com/NVIDIA/nvidia-container-toolkit/releases/tag/v1.17.5)

### Bug fixes and enhancements

#### For all platforms

- Fixed a bug that caused `docker-proxy` to stop forwarding UDP datagrams to containers.
- Fixed a bug that caused docker-proxy to close UDP connections to containers eagerly and resulting in the source address to change needlessly
Title: Docker Desktop Release Notes: Bug Fixes, Enhancements, and New Features in Versions 4.41.0 and 4.40.0
Summary
This section summarizes the bug fixes, enhancements, and new features in Docker Desktop versions 4.41.0 and 4.40.0. Version 4.41.0 addresses security vulnerabilities (CVE-2025-3911) and includes fixes for issues related to DockerVMM, admin-settings.json, UDP connections, container isolation, and more. It also incorporates kernel module updates and deprecates MacOS QEMU Virtualization. Mac-specific fixes address CPU usage and multi-arch build issues. Windows fixes improve installer handling of locked files and display version information. Known issues include sign-in failures with enforced sign-in configurations and multiple organizations in the Windows registry. Version 4.40.0 introduces Docker Model Runner (Beta) for Mac with Apple Silicon and includes upgrades to Docker Buildx, Compose, Engine, Scout CLI, compose-bridge, and NVIDIA Container Toolkit. It also fixes issues with UDP forwarding and connection handling.